Topic: "-Show quoted text-" Causes incorrect invalid signiture result [Gmail]

Hello,

First off I want to say that I love the plugin, it's great.

One issue I've run into is that when I receive signed replied e-mail in Gmail, I always get an incorrect invalid signature result. This is because Gmail likes to add the collapsible "-Show quoted text-" link in replies. When I copy the e-mail text and run it through gpg in my shell I also get an invalid signature result. However, when I strip out the "-Show quoted text-" link and run it through again, I get a positive signature result.

Could the next version of FireGPG automatically strip out this link in e-mails? This problem makes FireGPG useless for me 80% of the time because most of the e-mails I get are replies.

Thanks.

Re: "-Show quoted text-" Causes incorrect invalid signiture result [Gmail]

Ok , ASAP smile

Re: "-Show quoted text-" Causes incorrect invalid signiture result [Gmail]

Posco

Good find!!

Re: "-Show quoted text-" Causes incorrect invalid signiture result [Gmail]

Yep, do have the same on my webmailer and then back to Thunderbirds PGP.

removing the LINK sorts the problem, tested.

But brilliant PlugIn ;-)

Dirk

Re: "-Show quoted text-" Causes incorrect invalid signiture result [Gmail]

Firstly, I would just like to reiterate what other people are saying - thanks for a great utility!

I have also been experiencing this problem. When I look at a signed message in my Sent Items, it shows as a valid signature. When somebody replies to it (they don't sign their replies), it reports that the signature is invalid. I have used GMail's "Show Original" function have have noticed that there's a difference between what's in the message I sent and the message that comes back - some extra characters have been added (though they don't display in the normal view).

This is the original message I sent:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've just sent this back as normal (unzipped). Somehow I managed to
completely forget about it!!


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFIHJTs3tCzz5kzEZQRAkZWAJ4omBNV3SBlRjXJ24wpYlPHNlOIAgCaA9rB
t9LT06PFTw748c02zbA2+Ik=
=opoq
-----END PGP SIGNATURE-----

This is what it looked like when it came back in a reply:

  -----BEGIN PGP SIGNED MESSAGE-----=20
  Hash: SHA1=20

  I've just sent this back as normal (unzipped). Somehow I managed to
  completely forget about it!!


  -----BEGIN PGP SIGNATURE-----=20
  Version: GnuPG v1.4.7 (MingW32)=20

  iD8DBQFIHJTs3tCzz5kzEZQRAkZWAJ4omBNV3SBlRjXJ24wpYlPHNlOIAgCaA9rB=20
  t9LT06PFTw748c02zbA2+Ik=3D=20
  =3Dopoq=20
  -----END PGP SIGNATURE-----=20

This second version obviously wouldn't verify. I copied it into Notepad, removed the extra characters (including the spaces at the start of the lines) and it verified successfully.

If FireGPG could identify and remove these extra characters before attempting to verify the message, I believe it would then show (correctly) as a good sign.