On 2016-09-19 16:15, Ian Zimmerman wrote:

> For my part I now think this is a flea.

There must be more than one thing going on :(

I did the manual gpg test on multiple mails, this time properly
massaging them into the RFC 3156 format.  In most cases, mutt and gpg
actually agree: both say BAD, or both say GOOD.  There is one exception,
though: Miro's original message in which this thread is rooted.  That
one verifies OK through manual gpg, but mutt says BAD.

So, there's a flea, but there's also a bug :(

Can the house experts comment on this - Patrick, Erik, Cameron?  Does
sig verification just work for you?

Here are the mailing list messages I tested:

                                                          mutt    gpg

http://marc.info/?l=gentoo-user&m=147435795624410&q=raw   GOOD    GOOD

http://marc.info/?l=mutt-users&m=147420131617997&q=raw    GOOD    GOOD

http://marc.info/?l=mutt-users&m=147417425713497&q=raw    BAD     GOOD

http://marc.info/?l=mutt-users&m=147418223314681&q=raw    BAD     BAD

http://marc.info/?l=gentoo-user&m=147421675920866&q=raw   BAD     BAD

I conjecture that the BAD result in the case of Jean-Christophe's
message, #4 above, results from him inserting a non-standard X- header
in the signed MIME part.  I don't have an explanation for the other BAD
results.

-- 
Please *no* private Cc: on mailing lists and newsgroups
Why does the arrow on Hillary signs point to the right?