• ukio
  • New member
  • Offline
  • Registered: 2007-06-11
  • Posts: 3

Topic: Select Public Key for Signature Verification?

Hi there,

first of all, great plugin!

I have read the tutorial at http://www.chuckcaplan.com/blog/archive … il_a.html, and it says that

To verify a message that someone has signed with their private key, highlight the signed message, right-click and choose Verify. The window will then prompt you to choose the public key of the person that signed it. Assuming the message verifies, you will get a message saying the signature is valid.

I have now several public keys imported. However, when I select a PGP signed message and want to verify it with FireGPG, then
* there is no prompt which lets me select the sender's public key. Does FireGPG somehow try to auto-detect the public key??
* the error "The Message can't be verified" appears, even though it verifies well using WinPT->Clipboard->decrypt/verify... So why doesn't it work with FirePGP? (note: to eliminate other possible problems I have tested only in GMails "show original" view)

Using WinPT there seems to be some kind of auto-selection mechanism for the public key also, can somebody explain how this works (sorry, I am a PGP newbie), especially considering that the sender email is not known to WinPT (because I copy only the signed message, which does not contain the sender's email. However, the sender's real name is in there...)?

Regards,
ukio

WinXP SP2
Firefox 2.0.0.4
WinPT 1.2.0
FireGPG 0.4.1 (part of GPG4Win 1.1.0)

  • From: Geneva
  • Registered: 2007-04-04
  • Posts: 1,040

Re: Select Public Key for Signature Verification?

There are a mistake in the tutoial, gpg (and FireGPG) find the key herself...

For the error, it's dues to INLINE, we're work on to work better with gmail...

Regards,

the_glu's Website

  • ukio
  • New member
  • Offline
  • Registered: 2007-06-11
  • Posts: 3

Re: Select Public Key for Signature Verification?

hi the_glu,

thanks for the quick reply.

I am not sure if it is due to INLINE, just to be sure I write the steps more detailed:

1) open PGP-SIGNED messsage in gmail
2) then in GMail select view original (opens plain text in a new window)
3) In the plain text message window I need to first set the correct charset for firefox: ISO-8859-1 (it somehow defaults to UTF-8 otherwise)
4) then I select only the part from -----BEGIN PGP SIGNED MESSAGE-----   to   -----END PGP SIGNATURE-----  (both included) and rightclick->FireGPG->verify
==> this produces the error "The Message can't be verified"

However, when I copy the selected text and do WinPT->Clipboard->decrypt/verify then it works!

P.S.: It also does NOT work if I paste it to the FireGPG editor and try to verify it there

So it's exactly the same text, and I thouhgt that FireGPG only calls GnuPG, so the results should be the same, shouldn't they?

regards,
ukio

Last edited by ukio (2007-06-11 14:25:47)

  • ukio
  • New member
  • Offline
  • Registered: 2007-06-11
  • Posts: 3

Re: Select Public Key for Signature Verification?

hi again,

can someone verify that, given the description above, this is another problem than inline?
fact is that i am using the "view original" view of the message, which is basically plain text.
Just wondering why it doesn't work with FireGPG but it works well with WinPT?

thanks and best regards,
ukio