Step 5: Verifying signed e-mail in WinPT

Step 5: Verifying signed e-mail in WinPT

Verifying a message is just as simple.

  1. Open the message in question.
  2. Right-click on the WinPT icon in the system tray and select Current Window | Decrypt / Verify.
  3. A window will appear that describes when the message was signed, the key and user ID, and whether or not the signature is valid.

WinPT lets you sign, encrypt and decrypt/verify the contents of the clipboard in the same way. Right-click on the tray icon and select Clipboard instead of Current Window, and then choose the appropriate option. Note that if you use encryption on the contents of a window, the window must have something in it that can be copied and read as plain text; the program copies the window's text to the clipboard to process it.

When you sign (but don't encrypt) a message, the blocks in the message look a little different. At the top you'll see -----BEGIN PGP SIGNED MESSAGE-----, along with information about the "hash" -- the cryptographic method -- used to sign the message. (The usual hash type is SHA1.) Below that is the message itself, and then the -----BEGIN PGP SIGNATURE----- block.

I've found that in some cases, the -----BEGIN PGP SIGNATURE----- block sometimes winds up on the same line as the last line of the message (or on the line immediately after the end of the message), That will cause the signature check to fail. If that happens, insert a single line break between the last line of the message and the start of the

    Requires Free Membership to View

    Login

    When you register, you’ll also receive targeted alerts from my team of editorial writers and independent industry experts with the latest news, tips, and advice to help you do your job more efficiently and effectively. Our goal is to keep you informed on the hottest topics and biggest challenges faced by IT professionals today working with desktop management and security technologies.

    Cathleen A. Gagne, Senior Editorial Director

    By submitting your registration information to SearchEnterpriseDesktop.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchEnterpriseDesktop.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

signature block, and make sure the signature is valid. Never tamper with the signature itself or the rest of the message. It's always a good idea to verify (i.e., test-decrypt) a signed message before sending it -- and to try sending yourself a couple of test messages to see if quirks such as line breaks or other problems get introduced into your signed messages.


Simple e-mail encryption

 Home: Introduction
 Step 1: Outlook's S/MIME
 Step 2: Public keypairs
 Step 3: GnuPG and WinPT: Setup
 Step 4: Encrypting e-mail in WinPT
 Step 5: Verifying signed e-mail in WinPT
 Step 6: Extras: Symmetric encryption and hotkey commands

More information from SearchWindowsSecurity.com

  • Whitepaper: Contributing to regulatory compliance with e-mail encryption
  • Opinion: How much encryption is enough?

    • ABOUT THE AUTHOR:
    Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well! Copyright 2005 TechTarget

    This was first published in November 2005