Key ID in pgpverify

Russ Allbery rra at stanford.edu
Tue Feb 16 20:24:34 UTC 2010


Julien ÉLIE <julien at trigofacile.com> writes:

> Should we go on supporting them in pgpverify?

> I have just found out an interesting page:
>    http://ftp.nluug.nl/security/ssh/HOWTO-CHECK-SIGNATURES

> It looks as though PGP 6.5.x does not give the key ID.  Strange.

>       Good signature from user "Ssh 2 Distribution Key <ssh2 at ssh.fi>".
>       Signature made YYYY/MM/DD HH:MM GMT

> I do not know for ViaCrypt PGP 4.0.

I don't know.  I'm really not sure how much people use things other than
GnuPG at this point.  I think GnuPG is available everywhere that INN is,
so it might be easier to just tell people to use GnuPG in the long run,
although as long as it's not hard to support other implementations, it
would be nice to do so.

> Incidentally, the script breaks with internationalized distributions.
> PGP 2.6.3a for instance provides a translation file:

> "\nGood signature from user \"%s\".\n"
> fr: "\nBonne signature de l'utilisateur \"%s\".\n"

> "Signature made %s using %d-bit key, key ID %s\n"
> fr: "Signature faite %s en utilisant un clef de %d bits. Id de la clef:%s\n"

> When used, control articles cannot be verified...

pgpverify should set LC_ALL to C.  I really need to get around to doing a
new release.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <http://www.eyrie.org/~eagle/faqs/questions.html> explains why.



More information about the inn-workers mailing list