-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 El 19-08-2010 17:26, BernePGP escribió: ... > In other words when the recipient got my email with my public key encrypted > in a wordfile , what does he then do? Does he copy and paste my public key > somewhere in his gnupgp programe?
Well, there are graphical interphases to use GnuPG easily. Since you said you pasted your key into a word file, I assume (maybe a risky asumption) you are using Windows. My favorite GUI is GPGShell, but it is not open source, so you can either trust or distrust it. GPG4win package includes other GUIs, and these are Open Source, so it is up to you what you would like to use, if any. With GPGShell, I just double-click the public key file, and it is imported to my keyring. > Next: > > In what form should I expect to recieve the senders public key? Will it > arrive already encrypted in a word file and if so what do I do with that enc > public key in regard to my gnuPGP programe? Well, I guess the most common format is an ascii enarmored file (file.asc), which can be opened into notepad, or imported directly to GnuPG (using either the command line or a GUI). As Simon Richter said, you should check the key fingerprint with the key owner, to make sure you have the right key, and that should be done using a "secure channel", like a phone call (assuming you know the voice of the key owner and can detect if someone else is trying to impersonate him/her). Another option is to upload your key to a public keyserver, and then anybody can search by email address or name or keyID, and download your key. Of course, that way is even easier to upload a bogus key, so you should check you are downloading the right key. By the way, once you have uploaded your key to a keyserver, there is no way to remove it from the keyserver. Most people don't care too much about that, but a few persons don't like their keys to be uploaded to keyservers, so you should ask permision from the key owner before uploading his/her key to anywhere. So, usually, the recomendation is, if you sign a key, send it back to the owner, and let him/her to chose to upload or not upload it. > Again a newbie , a few words to clear the matter please. I did read the > novice helpfile but you can see the whole process is not fully understood. Don't worry, these things take time to be fully digested. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJMbuixAAoJEMV4f6PvczxAqOcIAJuqKRXGRPnwnVCUR9+e7AT2 eLgjy4gWZhVvba0Jb1eVoQTD6fzi17QjJZjQJEbOLoYM9y+mtTDkryboOIDlJ799 B9XocdqFwCDRJy9YCy4ZYGnbYVDG2koMsSLYaat3NucTqtMORg6RROudA6MBOIRG o02nHFHJ20hRxFtHXoDAMrF/7ZrEgQ6Bz6SY98DBEa4wH9Gvvy3SuUWmV/yeMrhR o3B6IVmU2is6GvXA0VyF+agJ9oeWLdqyBkC9mMye2oKPahHGpoAi1T6m6Fu5g8nd DCnAEeXm1OkLpQl6YkZyUozK9eOjpM4NigjXPIuOgFi6nrwh3eYLnSorLMLSoco= =2zBQ -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
