> I think it should return 1 in this case. But I get 2. Why? Because there were no bad signatures. A signature which cannot be verified is neither good nor bad, it just is.
The alternative would be for GnuPG to return a bad signature literally *whenever* it had no public key with which to verify the signature, meaning that 99% of signatures on a mailing list would be reported as bad. Can you imagine the bug reports we'd get from people if that were the case? "Your software package is listing every single signed message I've received as being bad!" _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users