Discuss mailing list

[Niles Rogoff <nilesrogoff AT gmail.com>]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

I'm pretty sure if you use gpg --clearsign, it automatically strips some whitespace for you before signing.

-----BEGIN PGP SIGNATURE-----

iQFFBAEBCAAvFiEEx9YcX+LvENZTiyRXt4uQjyNDD4AFAlhMSPkRHG5pbGVzQHJv

Z29mZi54eXoACgkQt4uQjyNDD4CwXgf/b+BJ31jzB/O2Lj3ePV/GP+KC+6BYQZvh

1pmbscdMzFqY/BRoN7N6Zde4lp0v7fx8KEvlzdDaiCbXFbuEwbV4h/JUGlW1sm4P

bIw2iLmKuhIB7dfoTkYfauvdylGqp2TOmqMo5IVZcfJTi0Y4spyoiUYEQiix7oCZ

OchyIUNazE7MMRMX2Z1i/Ku531aQK7YcBZ8jlc+D9R4K00c8eM79BKe5il6E2Wdl

qmTMEEoee2kBFn9XDSqD+i5ROweOXpm+bajqVhwQEyEtvt7jgV/zrrADVdqnFt+d

TH80AbArNzYD5OOQWb7e4Xcv1V40NaVEB9YXuKaIRIMy8fk5y/lFdg==

=v+2M

-----END PGP SIGNATURE-----

2016-12-10 13:27 GMT-05:00 Verax <verax AT 8chan.co>:

Yeah, PGP/MIME is mostly the same, but I think you have to mangle around
the separators to get it to validate.  Also, whitespace may bite you,
that's always a pain.

--Verax

simple AT sdf.org wrote:
> Probably my insistence on interacting with the online world as if it were
> still the 1990s is partly to blame; I still mostly use a CLI environment:
>
>   % > gpg --search-keys verax AT 8chan.co
>   gpg: searching for "verax AT 8chan.co" from hkp server keys.gnupg.net
>   (1)     Verax <verax AT 8chan.co>
>             3072 bit DSA key 0D12CB17, created: 2015-03-19
>   Keys 1-1 of 1 for "verax AT 8chan.co".  Enter number(s), N)ext, or Q)uit > 1
>   gpg: requesting key 0D12CB17 from hkp server keys.gnupg.net
>   gpg: key 0D12CB17: public key "Verax <verax AT 8chan.co>" imported
>   gpg: Total number processed: 1
>   gpg:               imported: 1
>
>   % mailx
>   ..
>   & |gpg
>   Pipe to: "gpg"
>   ..
>   gpg: Signature made Fri Dec  9 22:54:28 2016 PST using DSA key ID 0D12CB17
>   gpg: Good signature from "Verax <verax AT 8chan.co>"
>   gpg: WARNING: This key is not certified with a trusted signature!
>   gpg:          There is no indication that the signature belongs to the owner.
>   Primary key fingerprint: 87C2 37C6 B247 C3C2 25DC  A733 8FCD 9863 0D12 CB17
>   "gpg" 72/3182
>
> The previous message (with the PGP/MIME sig) had signature.asc attached
> but perhaps the format is different.  Also I don't think gpg (not gpg2)
> has a PGP/MIME option; didn't see it mentioned in the manpage.
>
> --Jeff
>
> Verax <verax AT 8chan.co> wrote:
>> Urk.  Enigmail verifies it on my end.  How did you download it?
>>
>> This is definitely my fault for using PGP/MIME.  I've attached a
>> clearsigned copy for you.
>>
>> --Verax
>>
>> simple AT sdf.org wrote:
>>> Verax <verax AT 8chan.co> wrote:
>>>
>>>> Greetings and merry Christmas to the OpenNIC community.
>>>>
>>>> 2016 has come to an expiration, and so have our keys. The 2017 KSK and
>>>> 2017 January ZSK will be added to the zone on 2016-12-15, and become
>>>> active on 2017-01-01.
>>>>
>>>> I'm including them here (signed with my PGP key) to verify them for
>>>> anyone who cares about that sort of thing.
>>>> ..
>>>
>>> % gpg --verify /var/tmp/signature.asc /var/tmp/verax.txt
>>> gpg: Signature made Fri Dec  9 19:55:57 2016 PST using DSA key ID 0D12CB17
>>> gpg: BAD signature from "Verax <verax AT 8chan.co>"
>>>      ^^^
>>>
>>>
>>>
>>>

>>> --------
>>> You are a member of the OpenNIC Discuss list.
>>> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org