[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP...

To: [email protected]
Subject: Re: PGP...
From: Sean Walberg <[email protected]>
Date: Tue, 13 Aug 1996 09:09:23 -0500 (CDT)
Cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----

Nope.  With PGP you get 2 keys... One you keep secret (secret key), the 
other you make public (public key).  This way, if I want to send you a 
message, I don't need to talk to you to arrange for a session key or any 
passcodes, because PGP takes care of it.  

Say you wanted to send me a message...

You check your keyring (pgp -kv), but alas my key isn't there.  So you go 
to the keyserver (http://www-swiss.ai.mit.edu/~bal/pks-toplev.html), and 
retreive my key into a file (sean.asc).  Then you run pgp on it (pgp 
sean.asc) and it gets integrated into your keyring.

Now you type your message to me, and encrypt it with *my* public key, and 
*sign it with your private key* (pgp -sea message_to_sean.txt 0xD12B3419).  
Then you send it off to me.  (The 0xD12B3419 is my key id, and is 
displayed when you play with my key)

When I get it, I can export it to a file (message.asc), and run pgp on it 
(pgp message.asc).  Hey, it is signed, so I grab your key from the 
server, and pgp message.asc it again.  Since you encrypted it with my 
public key, _only my secret key_ can decrypt it, not even you can see 
it!  Also, since only you have access to your secret key, (if your 
signature checks out), I know it had to have been you who wrote the 
message and it was not tampered with.  (To be technically correct, I 
don't exactly know it was you, since I haven't trusted your key at this 
point, but we'll let that one slide)

- From this point, we can send and receive messages pretty easily, since we 
don't have to snarf keys.  It is also a bit easier than I make it out to 
be, because there are many automation tools out there for pgp.

Sean

On Tue, 13 Aug 1996 [email protected] wrote:

> I'm confused.... if you don't want people to be able to read your
> email, you code it with PGP or other encoders... but why give away
> your key on your website to everyone? That makes your email readable
> to everyone... doesn't it? Oh well... I hope someone can explain this
> to me...
> 
> Roki
> 

- ------------------------------------------------------------------
Sean Walberg                              [email protected]
The Web Guy                  http://home.cc.umanitoba.ca/~umwalber 
UNIX Group, U. of Manitoba          PGP Key Available from Servers

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: Processed by mkpgp, a Pine/PGP interface.

iQCVAwUBMhCMc982JgvRKzQZAQEjYAP/SWjf2z2lZjYzBKVRMo9fcaMEZXiQSal2
YRjhzIXI9LyOF+mEz+KvPscJEsKqwM0JQl64ZpYhvp2junRly292jflIpxsnSJSS
ZteKoFJ+JE2Rd4TMDHbojucAEN4ZrW0G5y6RUcT5ntkKKWCzjGnYhSeM//bb9mOe
ccq+A8aI9dY=
=j2nK
-----END PGP SIGNATURE-----

References:
- PGP...
  - From: [email protected]

Prev by Date: Re: National Socio-Economic Security Need for Encryption Technology
Next by Date: Re: Anguilla story...
Prev by thread: Re: PGP...
Next by thread: Re: PGP...
Index(es):
- Date
- Thread