Prev: AM3 socket Asus M4A87TD EVO motherboard work flawlessly in Debian?
Next: Maple 14 and Squeeze (amd64): SOLVED
From: Alexander Batischev on 3 Jul 2010 14:50 On Fri, Jul 02, 2010 at 01:52:47PM -0500, Arthur Machlas wrote: > I just recently setup encrypted mail for my personal mail account, > using icedove and enigmail. I'm curious about a general feature of > "signing" the email. Why can't I just copy the "signature" portion of > the email, which many people on this list attach to their posts, and > paste it at the bottom of a fake email? Appreciate any comments or > links you may have. Well, in previous replies all your questions were answered, so I decided to provide a link which may help you to make digital signing and encryption more clear to you. Here it is - "Gnu Privacy Guard (GnuPG) Mini Howto (English)"[1]. 1. http://dewinter.com/gnupg_howto/english/GPGMiniHowto.html -- Regards, Alexander Batischev 1024D/69093C81 F870 A381 B5F5 D2A1 1B35 4D63 A1A7 1C77 6909 3C81
From: Aaron Toponce on 11 Jul 2010 10:50 On 07/02/2010 12:52 PM, Arthur Machlas wrote: > I just recently setup encrypted mail for my personal mail account, > using icedove and enigmail. I'm curious about a general feature of > "signing" the email. Why can't I just copy the "signature" portion of > the email, which many people on this list attach to their posts, and > paste it at the bottom of a fake email? Appreciate any comments or > links you may have. In a nutshell: * The sender's PGP/GPG hashes the text of the message. Because every message will be different, every hash from the text will be different. * The sender's PGP/GPG then encrypts the hashed string using your private key, and attaches the message to the mail as a "signature". The mail is then sent, at which: * The receiver's PGP/GPG uses the sender's public key to decrypt the signature, to get to the hash. * The receiver's PGP/GPG then re-hashes the email using the same algorithm the sender uses. * If the hashes match (the newly created hash, and the decrypted hash), the signature is valid. If they don't match, the signature is invalid. That's why you can't paste a single signature to every email you send. It has to be generated every time. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O . . O O O O . O O O
First
|
Prev
|
Pages: 1 2 Prev: AM3 socket Asus M4A87TD EVO motherboard work flawlessly in Debian? Next: Maple 14 and Squeeze (amd64): SOLVED |