I wanted to make this thread in hopes that the questions will be answered and it will help others. I am currently doing escrow with John K and there is some confusion from me and the buyer as to how to properly verify his sig.
Here is his public example
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hey everyone,
I figured that as I've been getting requests here and there for escrow services, it would be better that if I made a thread about this to consolidate the matter. I'm providing this service FOC and as a service for the community, but tips are graciously accepted for my time.
I will issue a contract signed by my GPG key below, with the Bitcoin address embedded within the message. Please do not accept a Bitcoin address that is not GPG signed. Anyone who has dealt with my escrow services before knows what to expect in my contract, of course.
On the event that any problems arises, I will release the escrow to whichever party that presents me with the most convincing proof after an open discussion with others and/or theymos. I've invoked this point twice only in my escrow 'lifetime' , and both resulted in a satisfactory settlement by all parties.
As always, PM me if you need me - I'm generally responsive if you see me online.
Best,
John
Dated today: Feb 7 2013
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
iQIcBAEBAgAGBQJREyI7AAoJEINT5jezqu6wAPgQALDYQYOfd5q52cIz2I+7ojJ2
dclydx1YbLY/soMgGJS5H8QueklVoY0mV0OMYlTAX3vJB2woisvgXLjSz/OlqmSK
td79svGotNe92B7vZRT/q1MD3dW9d+vvl/v0Y5ol+j23c2JGZb5GLWypBg+fBBnw
9kg8mCIMTtAvZpxjB1icA2k5Otp+2Yawl1/5CDHn3TwkNvxMdVUmgmyPcv5jOsiN
Zx5ru6gOCjNWCMI/O1EW0QjG0j8VEVKFq0ysVHobnuD9q4MrDsHOf5m6XCjQ5/s3
oBFI+ybP395AcsTg0eLNzPhDu6EbvcCh4J2vhPhXIo/z4iLrW3TWsEV0sq+RTc6+
kL7LHqOQSZM+clTJTM55+7RcRgJuAUsG+TMfEogoGbL7ysYrMupta1e82nflwp08
crjBR2dCx1uX5qYGw+IPy1BOF2AvHKOrMCUIJVeVyIa9g5ynikEP3hWWOjWmQBMv
wRVMWoarvOtbX3W4ZEG7wq2TKeqgBOFm0FPqfwBGlzFjMR2Ge9qhG3MO0eRtrxgN
z1gtBPH3ha/IO6CS3uyvK1X3oq6zJY89Ty6jX3QcHzuWyBly3BX+MPVm/apRZAvX
hBaok54h/yoV5pRCOpnKl5kPwYoYWiSi8pgWm0fIyvrTRWm2dS5gtDQBuZdGPnVx
c5w6azyMJ0M79X4s9RiN
=06T4
-----END PGP SIGNATURE-----
If I wanted to create the steps what would they be?
1) download and install Kleopatra
2) create a .asc file with ?
3) verify message against that file ?
4) ?
etc....
Thanks
DBA
IIRC: get the public key of the sender. Then copy the whole thing in your clipboard. Right click the Kleopatra icon in the task bar. It will give you the option to verify the sig from clipboard.
Under Windows I preferred Cryptophane.
Thanks I will look at that.
I am trying to dumb it down even further so someone that has never done this at all can do it and feel confident.
1) save message text as ....
2) save signature text as ...
3) Your suggestion to go to IRC (
IIRC: get the public key of the sender. Then copy the whole thing in your clipboard. Right click the Kleopatra icon in the task bar. It will give you the option to verify the signature from clipboard.)