OpenPGP e-mail signing/encryption question

James Knott james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Tue Sep 16 23:12:22 UTC 2003


Anton Markov wrote:
> Hello everyone,
> 
> A couple of nights ago I decided to look into how to sign/encrypt 
> e-mails.  I figured out the Enigmail stuff, and got it installed and 
> working fine with Mozilla Thunderbird (a great e-mail reader by the 
> way).  I just have two questions:
> 
> Should I use the same key for encrypting and signing messages, or am I 
> supposed to generate different ones for each purpose?  From what I 
> understand (this is my first time looking into this issue) I give out my 
> public key in order to receive encrypted messages.  However, I have to 
> give out my private key in order to sign messages or something. This 
> doesn't make sense to me (why give out both keys), so either I am wrong, 
> or I don't know something.  Any clarification would be appreciated.

You use your private key to sign and the other person's public key to
encrypt.  At the other end, they'll use your public key to verify the
signature and their private key to decrypt.

> 
> Also, which key server should I use to share my key? Should I upload it 
> to several, or are they all synchronized like DNS servers?  Lastly, is 
> it possible to change the key once it is sent (or at least the comment)?
> 
> 
> I know this is a little off the Linux topic, but any help would be 
> appreciated.
> 
> P.S. PGP is so much easier to set up in Linux vs. Windows!

You might also want to consider the X.509 digital certificates, which
are supported by many e-mail programs.  You can get one for free from
www.thawte.com






--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
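
Added example, not part of the original message: the key roles described in the reply above, shown with textbook RSA on small constructed keys. The function names and sample keys are hypothetical; real OpenPGP adds padding, hybrid encryption and its own packet format, none of which is modelled here.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA keypair from two primes; returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))   # modular inverse needs Python 3.8+

def _digest(message, n):
    # Hash reduced into the key's modulus (toy scheme, no padding).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def send(message, sender_private, recipient_public):
    """Sender: sign with OWN private key, encrypt with RECIPIENT's public key."""
    n_s, d_s = sender_private
    signature = pow(_digest(message, n_s), d_s, n_s)
    n_r, e_r = recipient_public
    m = int.from_bytes(message, "big")
    if m >= n_r:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e_r, n_r), signature

def receive(ciphertext, signature, recipient_private, sender_public):
    """Recipient: decrypt with OWN private key, verify with SENDER's public key."""
    n_r, d_r = recipient_private
    m = pow(ciphertext, d_r, n_r)
    message = m.to_bytes((m.bit_length() + 7) // 8, "big")
    n_s, e_s = sender_public
    return message, pow(signature, e_s, n_s) == _digest(message, n_s)

# Constructed sample keys built from Mersenne primes (far too small for real use).
SENDER_PUB, SENDER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
RECIPIENT_PUB, RECIPIENT_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    ct, sig = send(b"meet at TLUG", SENDER_PRIV, RECIPIENT_PUB)
    # Only the two public keys were ever exchanged; each private key stayed home.
    print(receive(ct, sig, RECIPIENT_PRIV, SENDER_PUB))
```

Neither side hands out a private key: the sender needs only the recipient's public key, and the recipient needs only the sender's public key.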




