Steven,
I assume you are referring to the PGP signatures appearing at the bottom
of some postings. (They are not "keys" as you mentioned).
These signatures allows you as the reader to verify two things
1. That the sender in fact is who he/she says he/she is.
2. That the message contents is as was sent (it is unaltered from when
they signed it)
For the signature to be useful, you need to have the sender's public PGP
key. You would normally obtain this from them personally, or from their
web site, or some other secure means (often via another signed document
from someone you already trust - this is known as a certificate). You
then run the received message through the PGP application, together with
the purported sender's public key, which will then confirm that the
private key of the sender was used to sign the message (the public is
generated from the private key by the sender). You then can be sure the
message is as it says.
Why would you need to use PGP to sign a message? The answer would vary,
but I imagine most signers do it simply to assure themselves that what
they have said is what is read. Whether you need to do this depends on
how much you trust the mail and transport systems used to convey the
message between sender and receiver.
Most of us just have a reasonable level of trust that things won't go
wrong - either malevolent or otherwise. I imagine it will take a few
nice public cases of email tampering and we might all start signing.
Martin
Martin Visser ,CISSP
Network and Security Consultant
Technology & Infrastructure - Consulting & Integration
HP Services
3 Richardson Place
North Ryde, Sydney NSW 2113, Australia
Phone: +61-2-9022-1670
Mobile: +61-411-254-513
Fax: +61-2-9022-1800
E-mail: [EMAIL PROTECTED]
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Steven Chang-Lin Yu
Sent: Friday, 7 May 2004 3:17 PM
To: [EMAIL PROTECTED]
Subject: [SLUG] Question about PGP
Hi, I would like to know the benefit of using PGP? I have
notice some of the SLUG member uses PGP key on their message, is there
any advantage???
__________________________________________________________________
Steven Chang-Lin Yu
MEngSc of Telecommunications
ICQ#: 66369374
Current ICQ status:
( Home Tel#: +61 0401043641
( Work Tel#: +61 0401043641
+ More ways to contact me <http://wwp.icq.com/66369374>
<http://wwp.icq.com/target=>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.677 / Virus Database: 439 - Release Date: 4/05/2004
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
