OpenPGP e-mail signing/encryption question
Chris Keelan
rufmetal-MwcKTmeKVNQ at public.gmane.org
Wed Sep 3 21:37:52 UTC 2003
On Wed, 03 Sep 2003 15:29:44 -0400
Anton Markov <anton-F0u+EriZ6ihBDgjK7y7TUQ at public.gmane.org> wrote:
> Hello everyone,
>
> A couple of nights ago I decided to look into how to sign/encrypt
> e-mails. I figured out the Enigmail stuff, and got it installed and
> working fine with Mozilla Thunderbird (a great e-mail reader by the
> way). I just have two questions:
This two-part article is a good introduction:
<http://www.linuxjournal.com/article.php?sid=4828>
and
<http://www.linuxjournal.com/article.php?sid=4892>
> Should I use the same key for encrypting and signing messages, or am I
> suppose to generate different ones for each purpose? From what I
> understand (this is my first time looking into this issue) I give out my
> public key in order to receive encrypted messages.
> However, I have to give out my private key in order to sign messages or something.
You *never* give out your private key. You do use your private key to
sign a message.
> This doesn't make sense to me (why give out both keys), so either I am wrong,
> or I don't know something. Any clarification would be appreciated.
Read the articles.
>
> Also, which key server should I use to share my key? Should I upload it
> to several, or are they all synchronized like DNS servers?
They synchronize. I always use pgp.mit.edu but you can pick a different one if you like.
> Lastly, is
> it possible to change the key once it is sent (or at least the comment)?
Read the articles.
Good luck.
~ C
--
Well I thought you beat "The Death of Inevitability"
to death--just a little bit! ~ Tragically Hip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://gtalug.org/pipermail/legacy/attachments/20030903/eacf58f1/attachment.sig>
More information about the Legacy
mailing list