[wellylug] gpg info

Richard Hector richard at walnut.gen.nz
Tue Feb 18 20:37:18 NZDT 2014


On 18/02/14 20:18, Klaatu wrote:

> If the encryption was formed ONLY by the private key, then to unlock it
> you would need...well, the private key I guess? I don't know how that
> would work. Or if only a PUBLIC key was required, well that wouldn't be
> at all secure because public keys are by nature public so anyone could
> unlock it.

That's a bit inside-out. Whatever you do with one key, you undo with its
partner.

So if you encrypt with your private key, anyone can decrypt it with your
public key. That's not normally useful, except that you might encrypt a
hash of the message with your private key, and call it a signature -
then anyone can verify, using your public key, that the signature was
indeed made with your private key, and all is good.

So to send an encrypted message, you'd normally use their public key.
You might sign it as well, using your private key. And then you might
also encrypt it with your _own_ public key, so that you can read the
copy in your Sent box.

A quick test suggests that I do get a message encrypted to both sender
and recipient when I send an encrypted (not signed) message to my other
address.

Yet another non-expert,

Richard
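
The key-pair relationship and the "encrypted to both sender and recipient" result described in the message above, as an added example that is not part of the original post. It is a simplified model using textbook RSA without padding, constructed small primes and a stand-in XOR cipher, so it illustrates the structure only and is not how GnuPG is implemented; all names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy RSA key pair from two known primes (constructed sample values)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"pub": (E, n), "priv": (pow(E, -1, phi), n)}

def rsa(key, m):
    """The single RSA operation; which half of the pair is passed gives it meaning."""
    exp, n = key
    return pow(m, exp, n)

def digest(msg):
    # Truncated SHA-256 so the value fits under the toy moduli.
    return int.from_bytes(hashlib.sha256(msg).digest()[:16], "big")

def sign(priv, msg):
    return rsa(priv, digest(msg))        # private-key operation on a hash

def verify(pub, msg, sig):
    return rsa(pub, sig) == digest(msg)  # undone with the partner public key

def xor_stream(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(msg, recipients):
    """Encrypt the body once, then wrap the session key for each public key."""
    session = secrets.token_bytes(16)
    wrapped = {who: rsa(pub, int.from_bytes(session, "big"))
               for who, pub in recipients.items()}
    return {"wrapped": wrapped, "body": xor_stream(session, msg)}

def decrypt(blob, who, priv):
    """Unwrap this key holder's copy of the session key, then decrypt the body."""
    session = rsa(priv, blob["wrapped"][who]).to_bytes(16, "big")
    return xor_stream(session, blob["body"])

# Constructed key pairs built from Mersenne primes; far too small for real use.
sender = make_key(2**89 - 1, 2**107 - 1)
recipient = make_key(2**127 - 1, 2**61 - 1)
```

Passing both public keys to encrypt() produces one body with two wrapped copies of the session key, so either private key opens it.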


