On 7/23/2003 6:24 PM, Michael Shaffer deftly typed out: > For example, if I want to send an encrypted message to you, I need to get > your public key. In order for you to decrypt a message I send to you, you > need to get my public key. The function of the private key is to ensure that > only you can actually read the message I send to you and that you are the > person I intend to communicate with.
Maybe I can clarify this paragraph. Let's say I wish to send you a PGP/GPG encrypted message. Using your public key, I encrypt the message and send it. To decrypt the message, you need your private key (which you've hopefully kept "private"). This is encryption and it ensures that only the intended recipient can read the message you sent. Additionally, I can digitally "Sign" an encrypted message. I do this with my private key. A signed message requires that you decrypt it with my public key. This signing process ensures that the sender is who they claim to be (Since only they should have access to their private key). Basically, an encrypted, signed message has been encrypted twice. The first time with your public key (if you are the recipient) and the second time with the sender's private key. This whole process can be pretty intimidating for beginners and would present a serious entry obstacle for patients wanting to communicate electronically. I think the only way to implement encryption that provides an easy entry point is to host your own "message center" website where you can leave messages for the patient and where they can come retrieve said messages in a webmail format. The site can then use standard SSL encryption already supported by web browsers and the patient need not worry about any of the technical aspects. Of course, this is *much* more work for the doctor. -Remo Del Bello -- "A shimmering purple cloud descended over America in 1975, and then, bang, disco happened. Who's to say that a similar mass madness couldn't make .NET the status quo?" - Andy Ihnatko -- To unsubscribe: <mailto:[EMAIL PROTECTED]> archives: <http://www.mail-archive.com/entourage-talk%40lists.letterrip.com/> old-archive: <http://www.mail-archive.com/entourage-talk%40lists.boingo.com/>
