2 ways of signing files
linux at codehelp.co.uk
Sat Jan 15 19:18:30 CET 2005
On Saturday 15 January 2005 5:26 pm, Mark Ivs wrote:
> I would like to know if there are 2 ways of signing.
> Please take a look at the following scenarios.
> Scenario 1:
> I add Blake's public key to my key ring. I can do the
> following 2 steps to edit and sign Blake's public key.
> 1. gpg --edit-key blake at cyb.org
> 2. Command> sign
> This will sign the key.
Yes, the key, not the file.
> So, now I can encrypt the file
> by doing the following...
> 'gpg --recipient "blake at cyb.org" --output
> $rootpath\\$filepgp --encrypt
There is no command there to sign the file, it'll just be encrypted.
You need to specify the -s or -b options etc.
'gpg -s --recipient "blake at cyb.org" --output
> When Blake gets the encrypted file, does it mean that
> the file is also signed?
> Scenario 2:
> I can encrypt and sign by doing the following.
> 'gpg --recipient "XXX" --output $rootpath\\$filepgp
> --sign --encrypt $rootpath\\encrypted\\$datafile`
You've specified --sign so it will be signed.
> Can someone please tell me if scenario 1 and 2 are
> basically doing the same thing?
No. Signing a key is nothing to do with signing a file. Before you sign a key
you should verify the key under keysigning protocols.
If you just want to sign it to encrypt to it (despite not being able to trust
it), you can use a local signature. (non-exportable).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050115/b3282579/attachment.pgp
More information about the Gnupg-users