Security Concerns

James A DePrisco
Mon Nov 4 02:39:01 2002

Hello, I am a newbie and I have a few questions:

First, I am using GnuPG with Mandrake Linux 8.2.  90% of my usage is via 
Kmail.  This is working fine and I am able to send encrypted and signed 
emails and I have received encryted emails no problem.

I set up my gpg using the online manual, so I used all the defaults.  I have 
read a little about how GnuPG works and I understand that breaking the code 
on an encrypted file is pretty near impossible.  My question is about the 
signed files and emails.  If I send an email or file that is signed, but not 
encrypted, isn't this a little dangerous?  My concern is that don't you give 
out some information on your private key if you sign it?  I am not big on the 
math, so any pointers you have on how to do this safely would be appreciated.

Perhaps the fact that I have the primary key and the sub key assure my 

Also, I have never used an unattached signature file.  What is this and do I 
need one?

Thanks for the help.

James DePrisco