On Mon, 24 Jun 2019 11:25:04 +0530, Ram Kumar via aur-general wrote: >the signature which is attached here with, is a public key of yours >and can be used to encrypt the messages which are to be sent to you, >and you can decrypt it using ur private key. > >Am i understood correctly?
The purpose of signing messages, which is usually frowned upon on almost all mailing lists, ensures that the content of a mail can't be changed without getting attantion and to ensure that the sender _is_ really the sender and not just somebody who pretends to be the sender. This works even while those mails are _not_ encrypted. You need to import the public key, to verify the signed email and you need to maintain a web of trust, to verify the imported key first.
