-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Jurgen Haug [JH] wrote:'
JH> What is an 'Invalid Signature'? If the signature shows up as invalid it means that the message has not been altered since being signed by the sender. However, there's no evidence that PGP has to say that the key used to sign the message really belongs to the apparent sender of the message. If you have good reason to think that the public key used to verify my or another persons message signature is really from them, then you could sign the key with an unexportable signature. In this way, you'll see the signatures not come up as being invalid. However, if I send a message and someone tampers with it in transit, i.e., tampering the text, then the signature will show up as 'bad'. So in summary, a signature may be considered invalid in that the owner of the key has not been validated. Or the signature may be considered bad, in that the message content has been altered since the message has been signed. Hope that helps. - -- -=] allie_M [=- {List Moderator} - -----BEGIN PGP SIGNATURE----- Comment: My Public Keys - http://www.ac-martin.com/pgpkeys.html iD8DBQE+RUSJV8nrYCsHF+IRAoXmAJ9NXuZ/GvmxWutrLSuf0DIPZrlkSwCfUBEg IhPlVhzlVEdC+fnCXtfMLSg= =6eKb -----END PGP SIGNATURE----- ________________________________________________ Current version is 1.62 | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html