On Tue, 30 Dec 2025 00:34, Jacob Bachmeyer said: > structure, or is this basically an unfixable problem? Could GPG > perform such validation steps and emit a warning if a clearsigned > message does not strictly conform?
It does. The thing here is that you need to known what has been signed. The only way to do this is to let gpg give you the signed and unescaped) data (with --output FILE). Actually we have the same problem with MIME when forwarding a mail. Not all MUAs correctly mark which parts are signed by which signature. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
