Re: Digital signature in muLinux - tests wanted

From: Michele Andreoli ([email protected])
Date: Tue Nov 07 2000 - 08:47:54 CET


On Tue, Nov 07, 2000 at 01:38:57AM +0000, [email protected] nicely wrote:
>
> Sorry I have to say this but you have got everything exactly
> backwards. :-)
>

Oh yes! I missing the point. I'm only a newbie in PGP. You well
explained in your email. I signed erroneusly with my public-key.
So, only I, in the world, can read the message, because decrypting
requires the secret-key, on my hard-disk!

> Your _public_ key is used to encrypt messages to you and then
> you decrypt it with your _secret_ key.

Yes

>
> There are some issues with mail readers and PGP that I perhaps
> can help you with. There can be some trouble with charsets and
> transfer encoding and such.

Yes, very fine test.

>
> I do hope the key you sent to the list is only for testing
> purposes. A 512 bit key is considered by many to be low
> security. 1024 or, better, 2048 bits should be used for a
> "production" key.
>
> Thank goodness you didn't send your secret key to the list!!!!

Oh, but they are only test keys and I know the difference between
secret and public key. I read the comp.security.pgp FAQ!
I will change when test finished, and will use a more strong 1024 key.

I made a very senseless thing: to pretend the whole mailing-list
to be able to read a crypted message is the *negation* of the
public-key encryption concept!

Michele

-- 
"I'd like to conclude with a positive statement, but I can't remember any.
Would two negative ones do?"			-- Woody Allen
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]


This archive was generated by hypermail 2.1.6 : Sat Feb 08 2003 - 15:27:16 CET