diff --git a/app/models/post.rb b/app/models/post.rb
index d2d69895d..23ed10167 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -47,10 +47,22 @@ class Post
   
   key :owner_signature, String
   
+  def signable_accessors
+    accessors = self.class.roxml_attrs.collect{|definition| 
+      definition.accessor}
+    accessors.delete 'person'
+    accessors
+  end
+
+  def signable_string
+    signable_accessors.collect{|accessor| 
+      (self.send accessor.to_sym).to_s}.join ';'
+  end
+
   def verify_signature
     return false unless owner_signature && person.key_fingerprint
     validity = nil
-    GPGME::verify(owner_signature, to_xml.to_s, {:armor => true, :always_trust => true}){ |signature|
+    GPGME::verify(owner_signature, signable_string, {:armor => true, :always_trust => true}){ |signature|
       validity =  signature.status == GPGME::GPG_ERR_NO_ERROR &&
         signature.fpr == person.key_fingerprint
     }
@@ -60,7 +72,7 @@ class Post
   protected
   def sign_if_mine
     if self.person == User.first
-      self.owner_signature = GPGME::sign(to_xml.to_s,nil,
+      self.owner_signature = GPGME::sign(signable_string,nil,
         {:armor=> true, :mode => GPGME::SIG_MODE_DETACH})
     end
   end
diff --git a/spec/user_encryption_spec.rb b/spec/user_encryption_spec.rb
index 41842af3d..bb02e29b0 100644
--- a/spec/user_encryption_spec.rb
+++ b/spec/user_encryption_spec.rb
@@ -92,7 +92,7 @@ describe 'user encryption' do
     
     it 'should verify a remote signature' do 
       message = Factory.create(:status_message, :person => @person)
-      message.owner_signature = GPGME.sign(message.to_xml.to_s, nil,
+      message.owner_signature = GPGME.sign(message.signable_string, nil,
         {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
       message.save    
       message.verify_signature.should be true
@@ -100,7 +100,7 @@ describe 'user encryption' do
     
     it 'should know if the signature is from the wrong person' do
       message = Factory.create(:status_message, :person => @person)
-      message.owner_signature = GPGME.sign(message.to_xml.to_s, nil,
+      message.owner_signature = GPGME.sign(message.signable_string, nil,
         {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
       message.person = @u
       message.verify_signature.should be false
@@ -108,7 +108,7 @@ describe 'user encryption' do
    
     it 'should know if the signature is for the wrong text' do
       message = Factory.create(:status_message, :person => @person)
-      message.owner_signature = GPGME.sign(message.to_xml.to_s, nil,
+      message.owner_signature = GPGME.sign(message.signable_string, nil,
         {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
       message.message = 'I love VENISON'
       message.save