Where is FAQ?
expires2010 at ymail.com
Sun Jul 25 13:51:03 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
On Friday 23 July 2010 at 10:15:05 PM, in
<mid:4C4A0659.6060002 at verizon.net>, Jean-David Beyer wrote:
> I have what I am sure is a frequently asked question,
> but I cannot find a FAQ. I can find the archives, but I
> know no good way to search them.
Did you try http://marc.info/?l=gnupg-users ?
> It is the question about the order of signing and
> encrypting a message. I am pretty sure that is the
> correct order,
The usual way is to issue the --sign and the --encrypt options on the
same command line. It makes no difference which order they appear,
GnuPG will (in effect) combine encryption and signing into a single
Some people (clear)sign a message and then encrypt the signed message.
There may be groups or organisations that require this. I'm not aware
of any advantages of doing it this way. A disadvantage is doubling of
effort: the sender performs two gpg commands instead of one and so
does the recipient.
If you are communicating with a Hushmail address, your signature will
only be detected if you first encrypt the message and then sign the
encrypted message. Hushmail's webmail system is the only application I
have encountered that requires it this way around.
MFPA mailto:expires2010 at ymail.com
War is a matter of vital importance to the State.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users