On Tuesday 21 September 2010 11:20 AM, Raj Mathur (राज माथुर) wrote:
No you can't , even if you try, it will show to the receiver that it is a bad signature ( the message is being tempered ).
Actually you can copy the whole mail, along with signature, and send it to someone else. However, the signature will then be of the original sender, while the message will appear to come from you, so the recipient would know that some skulduggery is afoot.
Incidentally, Gaurav, signing messages with a key that is not available on the keyservers is useless.
The whole process looks like the md5 sum generated from a Cd/DVD ISO. The md5 can be cross checked manually using md5sum. In case of emails, the regular email client of the recipient does not make any difference between a real or fake PGP signature, so what is the point in adding it? As recipients who use this feature?