linux at codehelp.co.uk
Fri Jan 2 17:15:48 CET 2004
On Thursday 01 Jan 2004 12:30 pm, Bo Rosén wrote:
> I and a friend are both rather new to this and are having some problems.
> He is using PGP 8.0.3 on Win XP and I have GnuPG 1.2.3 on Linux.
Looking at your key, if you are expecting to encrypt messages to your friend,
it would be best for you both to sign each other's keys. GnuPG will complain
if you ask it to encrypt to an untrusted key and you can't build that trust
until you get your key signed with his and his with yours. This keysigning is
different to signing email or encrypting messages - there's plenty of
documentation on keysigning at www.gnupg.org and
Try using 'gpg --list-sigs' on some of the keys already in your keyring -
including those imported to verify signed emails on this list - to see how
these key signatures show up. Make sure you read about keysigning before
jumping in - e.g. please don't sign any key without personally verifying it.
You should be able to verify your friend's key by contacting him by
phone/post to verify the fingerprint of his key. 'gpg --fingerprint'. Other
keys can be verified at Linux User Group meetings, OpenPGP meetings,
exhibitions or other events.
> Neither have a problem signing, I can also send encrypted mails between
> my different accounts and decrypt them without problems. I have imported
> my friend's key and it shows up with gpg --list-keys with one pub and
> one sub key. But as soon as I try to decrypt anything from him I get the
> message that the secret key isn't available. Any idea what we are doing
> Bo Rosén
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Url : /pipermail/attachments/20040102/da88e741/attachment-0001.bin
More information about the Gnupg-users