Re: (clug-talk) konstruct

Wed, 08 Jan 2003 09:34:29 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 08 January 2003 08:50, Rafael Sanchez wrote:
> I notice that you use some sort digital signature. Would you kindly tell
> me how this works? 

you install PGP or GnuPG (preferably GnuPG), create a personal key pair, 
upload the public key to a public key server so others can verify signatures 
and encrypt messages to you easily, and then tell your email app to sign your 
messages ...

> What is the relationship between a private key and a
> public key? 

whatever is encrypted with one can be decrypted with the other, and only by 
the other. this allows secure transmission of the information without needing 
to know both keys (allowing for a public and a private key) as well as 
verification (if it decrypts with the public key, you know it was encrypted 
by the corresponding private key)

> where do they reside?

on your computer. you can keep them on removable media if you wish as well.

> how to get the keys?

you can't buy them. your computer has to make them. (rice crispy squares, 
t.v., circa 1985?)

gpg --gen-key

and follow the on-screen directions. put something like the following in your 
~/.gnupg/options:

keyserver wwwkeys.pgp.net

and then

gpg --send-key <your key id, name or eail address>

voila, all done!

> The following is related to Ximian on RH8:
> When I click on the icon at the bottom of the message where it says
> "This message has been digitally signed" it gives me some info:
>
> gpg: armor header: Version: GnuPG v1.0.7 (GNU/Linux)
> gpg: Signature made Tue 07 Jan 2003 05:22:54 PM MST using DSA key ID
> ======== (i took the id off here. it was an eight alpha numeric word)
> gpg: Can't check signature: public key not found

yes, it is simply telling you the details: i use GnuPG, it was signed on the 
date mentioned, my key ID is 0xA7F1DB43, and you aren't set up to verify it. 
=)

all decent email clients can handle and verify digital signatures, including 
Evolution, Mutt, Sylpheed and KMail. i'm not sure about Pine as I haven't 
used PGP w/Pine, but i'd be rather surprised if it didn't support it in some 
way.

> Last but not least, what are the requirements to implement something
> like this? and use for it?

as for a CLUG presentation on public key crypto, i'd be happy to do so.

- -- 
Aaron J. Seigo
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA  EE75 D6B7 2EB1 A7F1 DB43

"Everything should be made as simple as possible, but not simpler"
    - Albert Einstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+HGET1rcusafx20MRAocyAJ9ipdz5BW/LRWwYwex1xWV9hZrQvQCfVtiJ
CV9LR0xUL5HN686/EUF3u08=
=xkhU
-----END PGP SIGNATURE-----

Reply via email to