to follow up to my own e-mail. I had a look at the source code for GPGMail and MacGPGME.
I think I see that GPGMail will query gpg to identify the signature, then parse the line with the timestamp and extract the keyID from there. This is where my subkey story may play into the picture, since for my signatures command-line gpg says the following: gpg: Signature made do 3 feb 01:17:54 2011 CET using DSA key ID B59D561A gpg: using subkey B59D561A instead of primary key 5024FAE3 Is it possible that the wrong key ID is used to look up which key to use to check the signature? Also, I'm not sure whether this is a problem in GPGMail or GPGME. Who's responsible for GPGME? Begin forwarded message: > From: Raphael 'kena' Poss <m...@raphael.poss.name> > Date: 3 februari 2011 01:34:29 GMT+01:00 > To: gpgtools-users@lists.gpgtools.org > Subject: Mail does not validate my own signatures > > Hi everyone, > > this is a problem that is plaguing me for a few years already. As the > attachments to this mail suggest, GPGMail does not seem to recognize my own > signatures (although it does validate valid signatures from others). Enigmail > has no problem. > > Does anyone have an idea about what is happening? > > This error happens whether I create the signature with GPGMail or with > Enigmail. I have reproduced this with the latest GPGTools distribution > (20110125) and without any interference from MacPorts: > > kena@Mu ~ % which gpg > /usr/local/bin/gpg > kena@Mu ~ % ls -l /usr/local/bin/gpg > lrwxr-xr-x 1 root wheel 19 27 dec 2009 /usr/local/bin/gpg@ -> > /usr/local/bin/gpg2 > kena@Mu ~ % ls -l /usr/local/bin/gpg2 > lrwxr-xr-x 1 root wheel 27 3 feb 01:04 /usr/local/bin/gpg2@ -> > /usr/local/MacGPG2/bin/gpg2 > kena@Mu ~ % gpg --version > gpg (GnuPG/MacGPG2) 2.0.17 > [...] > > > Is there anything I could do to debug the signature verification process? > (get more debug info from gpg?) > > As an information point, I use a subkey to sign, instead of the master key. > (This seems unusual in the PGP/GPG world but it works well and is the > recommended way to have an expiration date on the signing key.) I don't know > if this is relevant here. > > > Thanks in advance for any suggestion. > > -- k _______________________________________________ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
