On Tue, 2006-01-31 at 10:58 -0500, Michael H. Warfield wrote: > I'm in a big discussion over on MailScanner over busted signatures > because they are rewriting and re-encoding the Mime messages I see quite a few signed messages on here that are flagged as being invalid, some from the same people, repeatedly. There's not a great deal of point in signing messages if something is going to mangle them along the way. Most PGP ones I see on this list are okay, and I'm guessing that those PGP ones that fail are usually because the key isn't available from a public key server (or the one that I'm trying, at least). I can't find any other sort of failed ones, at the moment, to make a judgement. I noticed one failed message which had one of those visiting cards attached, which made me wonder whether their client program stupidly attached it after signing. I kept seeing some S/MIME mails are marked invalid that wer from the same person, over and over, some time ago. I couldn't tell the reason why, there was nothing to say the certificate had been revoked, I could only guess the e-mail had been mangled in transit. I've even found Evolution claiming one message (using PGP signatures) was okay (the icon, and other stuff, at the bottom of the page). Yet when opening up the further information window about the signature, it actually said that the key'd been revoked because it was compromised. That seemed a very poor behaviour by my mail client. -- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
