"Invalid" User ID - Why? - PGP

This is a discussion on "Invalid" User ID - Why? - PGP ; I sent a PGP signed message today from Outlook, and noted that in the headers, there is a notation that my Signer ID is "invalid." What is this saying, and how do I fix it? Thanks! - Earl Here is ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: "Invalid" User ID - Why?

  1. "Invalid" User ID - Why?

    I sent a PGP signed message today from Outlook, and noted that in the
    headers, there is a notation that my Signer ID is "invalid." What is this
    saying, and how do I fix it?

    Thanks!

    - Earl

    Here is the information from the message (At sign removed from e-mail
    address to avoid spambots):

    *** PGP Signature Status: good

    *** Signer: Earl S. Jones (Invalid)

    *** Signed: 7/30/2004 10:04:35 AM

    *** Verified: 7/30/2004 10:04:43 AM

    *** BEGIN PGP VERIFIED MESSAGE ***




  2. Re: "Invalid" User ID - Why?

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    "E Jones" writes:

    >I sent a PGP signed message today from Outlook, and noted that in the
    >headers, there is a notation that my Signer ID is "invalid." What is this
    >saying, and how do I fix it?


    Usually, a key is said to be invalid if it is uncertain whether
    it really belongs to the person indicated in the uid. See the
    discussion of "web of trust" in the PGP documentation.

    >*** Signer: Earl S. Jones (Invalid)


    A uid typically has a user full name, an email address, and an
    optional comment. Here, it almost looks as if "Invalid" is the
    comment. In that case PGP isn't saying that the ID is invalid. It
    is merely displaying the ID, including comment, and the word
    "Invalid" comes from the ID itself.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.3.6 (SunOS)

    iD8DBQFBCm8IvmGe70vHPUMRAt94AKCZkKTrjzyxaItEwRumbj t3tz7v1gCg327J
    FGcerwuYuNJVbABNZ13Kj5Y=
    =TmUc
    -----END PGP SIGNATURE-----


  3. Re: "Invalid" User ID - Why?

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On or about 7/30/2004 11:53, Neil W Rickert penned the following:

    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > "E Jones" writes:
    >
    >>I sent a PGP signed message today from Outlook, and noted that in
    >>the headers, there is a notation that my Signer ID is "invalid."
    >>What is this saying, and how do I fix it?

    >
    > Usually, a key is said to be invalid if it is uncertain whether
    > it really belongs to the person indicated in the uid. See the
    > discussion of "web of trust" in the PGP documentation.
    >
    >>*** Signer: Earl S. Jones (Invalid)

    >
    > A uid typically has a user full name, an email address, and an
    > optional comment. Here, it almost looks as if "Invalid" is the
    > comment. In that case PGP isn't saying that the ID is invalid. It
    > is merely displaying the ID, including comment, and the word
    > "Invalid" comes from the ID itself.
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: GnuPG v1.3.6 (SunOS)
    >
    > iD8DBQFBCm8IvmGe70vHPUMRAt94AKCZkKTrjzyxaItEwRumbj t3tz7v1gCg327J
    > FGcerwuYuNJVbABNZ13Kj5Y=
    > =TmUc
    > -----END PGP SIGNATURE-----
    >

    Neal -

    Here's what I get from your e-mail when I decode:
    *** PGP SIGNATURE VERIFICATION ***
    *** Status: Bad Signature from Invalid Key
    *** Alert: Signature did not verify. Message has been altered.
    *** Alert: Please verify signer's key before trusting signature.
    *** Signer: Neil Rickert (usenet signing key)
    (0x4BC73D43)
    *** Signed: 7/30/2004 11:53:44 AM
    *** Verified: 7/30/2004 1:39:33 PM
    *** BEGIN PGP VERIFIED MESSAGE ***








    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1 - not licensed for commercial use: www.pgp.com

    iQA/AwUBQQqIppqPqrj61A04EQIRuQCeO8fRvZ1/DCJV4vr0SEo+oqh/j0kAoMOB
    G/PqP+ozteRZZu5nV1D8Z9Ab
    =JMtB
    -----END PGP SIGNATURE-----

  4. Re: "Invalid" User ID - Why?

    Sorry Neal -
    I had an old key of yours - did an update - it's ok now.

    On or about 7/30/2004 13:43, Dirty Ed penned the following:

    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > On or about 7/30/2004 11:53, Neil W Rickert penned the following:
    >
    >> -----BEGIN PGP SIGNED MESSAGE-----
    >> Hash: SHA1
    >>
    >> "E Jones" writes:
    >>
    >>>I sent a PGP signed message today from Outlook, and noted that in
    >>>the headers, there is a notation that my Signer ID is "invalid."
    >>>What is this saying, and how do I fix it?

    >>
    >> Usually, a key is said to be invalid if it is uncertain whether
    >> it really belongs to the person indicated in the uid. See the
    >> discussion of "web of trust" in the PGP documentation.
    >>
    >>>*** Signer: Earl S. Jones (Invalid)

    >>
    >> A uid typically has a user full name, an email address, and an
    >> optional comment. Here, it almost looks as if "Invalid" is the
    >> comment. In that case PGP isn't saying that the ID is invalid. It
    >> is merely displaying the ID, including comment, and the word
    >> "Invalid" comes from the ID itself.
    >>
    >> -----BEGIN PGP SIGNATURE-----
    >> Version: GnuPG v1.3.6 (SunOS)
    >>
    >> iD8DBQFBCm8IvmGe70vHPUMRAt94AKCZkKTrjzyxaItEwRumbj t3tz7v1gCg327J
    >> FGcerwuYuNJVbABNZ13Kj5Y=
    >> =TmUc
    >> -----END PGP SIGNATURE-----
    >>

    > Neal -
    >
    > Here's what I get from your e-mail when I decode:
    > *** PGP SIGNATURE VERIFICATION ***
    > *** Status: Bad Signature from Invalid Key
    > *** Alert: Signature did not verify. Message has been altered.
    > *** Alert: Please verify signer's key before trusting signature.
    > *** Signer: Neil Rickert (usenet signing key)
    > (0x4BC73D43)
    > *** Signed: 7/30/2004 11:53:44 AM
    > *** Verified: 7/30/2004 1:39:33 PM
    > *** BEGIN PGP VERIFIED MESSAGE ***
    >
    >
    >
    >
    >
    >
    >
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: PGP 8.1 - not licensed for commercial use: www.pgp.com
    >
    > iQA/AwUBQQqIppqPqrj61A04EQIRuQCeO8fRvZ1/DCJV4vr0SEo+oqh/j0kAoMOB
    > G/PqP+ozteRZZu5nV1D8Z9Ab
    > =JMtB
    > -----END PGP SIGNATURE-----


  5. Re: "Invalid" User ID - Why?

    "E Jones" wrote in
    news:fzsOc.6071$Bc6.1370@fe1.columbus.rr.com:

    > I sent a PGP signed message today from Outlook, and noted that in the
    > headers, there is a notation that my Signer ID is "invalid." What is
    > this saying, and how do I fix it?
    >
    > Thanks!
    >
    > - Earl
    >
    > Here is the information from the message (At sign removed from e-mail
    > address to avoid spambots):
    >
    > *** PGP Signature Status: good
    >
    > *** Signer: Earl S. Jones (Invalid)
    >
    > *** Signed: 7/30/2004 10:04:35 AM
    >
    > *** Verified: 7/30/2004 10:04:43 AM
    >
    > *** BEGIN PGP VERIFIED MESSAGE ***


    Invalid means that the key has not been signed by you, to indicate that
    you know it belongs to who it is suppose to belong to.

    --
    Tom McCune
    My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

+ Reply to Thread