Manage Learn to apply best practices and optimize your operations.

Step 5: Verifying signed e-mail in WinPT

Verifying a message is just as simple.

  1. Open the message in question.
  2. Right-click on the WinPT icon in the system tray and select Current Window | Decrypt / Verify.
  3. A window will appear that describes when the message was signed, the key and user ID, and whether or not the signature is valid.

WinPT lets you sign, encrypt and decrypt/verify the contents of the clipboard in the same way. Right-click on the tray icon and select Clipboard instead of Current Window, and then choose the appropriate option. Note that if you use encryption on the contents of a window, the window must have something in it that can be copied and read as plain text; the program copies the window's text to the clipboard to process it.

When you sign (but don't encrypt) a message, the blocks in the message look a little different. At the top you'll see -----BEGIN PGP SIGNED MESSAGE-----, along with information about the "hash" -- the cryptographic method -- used to sign the message. (The usual hash type is SHA1.) Below that is the message itself, and then the -----BEGIN PGP SIGNATURE----- block.

I've found that in some cases, the -----BEGIN PGP SIGNATURE----- block sometimes winds up on the same line as the last line of the message (or on the line immediately after the end of the message), That will cause the signature check to fail. If that happens, insert a single line break between the last line of the message and the start of the signature block, and make sure the signature is valid. Never tamper with the signature itself or the rest of the message. It's always a good idea to verify (i.e., test-decrypt) a signed message before sending it -- and to try sending yourself a couple of test messages to see if quirks such as line breaks or other problems get introduced into your signed messages.


Simple e-mail encryption

 Home: Introduction
 Step 1: Outlook's S/MIME
 Step 2: Public keypairs
 Step 3: GnuPG and WinPT: Setup
 Step 4: Encrypting e-mail in WinPT
 Step 5: Verifying signed e-mail in WinPT
 Step 6: Extras: Symmetric encryption and hotkey commands


More information from SearchWindowsSecurity.com

  • Whitepaper: Contributing to regulatory compliance with e-mail encryption
  • Opinion: How much encryption is enough?

  • ABOUT THE AUTHOR:
    Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well! Copyright 2005 TechTarget
    This was last published in November 2005

    Dig Deeper on Microsoft email administration

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchVirtualDesktop

    SearchWindowsServer

    Close