-----BEGIN PGP SIGNED MESSAGE-----
From: Derek Atkins
but wait! you can't actually verify the outer sig until you extract the key from inside the signed message? that's a bit more complicated. pgp will actually recognize a key embedded inside an armored, signed message but it won't (i don't think -- warlord?) play with the key other than tell you it is one.
Actually, PGP wont even do that. If the key is not in your keyring, it will complain about not finding it and output the de-armored message. If you want to add the key, you need to run it through PGP once to de-armor it, save off the output, and then add that output message to your keyring.
yep, you're right (like i'm surprised or something, judging from your handle) pgp won't recognize it if you don't have it on your keyring. i do work from a sun and play at home on a linux system. i have too many keys at home to make my play testing easy and i got caught in that trap. it's just too easy to add a login and start playing with pgp in a simulated multi-user environment that doesn't have the pitfalls of the real world. - -- - --< "CYBERBOY" >-- andrew@ml.com (Andrew Brown) Phone: 1.212.449.0088 Fax: 1.212.449.8612 genetic Soviet fissionable plutonium DES Kennedy nuclear terrorist Waco, Texas NSA Qaddafi Marxist FSF ammunition South Africa -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLu0aY7AuBPCxVEQ9AQF7mwP9GY+DQtdjPLrF6XS+yJIXXhCaZELt1cDl HHscvAeJL1SQplYcrmCtE5N2QLPVtQh5Dty/6qjYZ21fs4nA5CrK+6Z0Mxfxqc4V eSKk1OVvtT6HjcNx7cFzNjrF0C8eWcnpd256Zgdjfn6DhSY4Jal9X+w4MZiSvCQS MRYy6GvfQho= =xCcd -----END PGP SIGNATURE-----