[new-user] question

Fri Apr 13 07:31:06 CEST 2012

Hello michael !

michael crane <mick.crane at gmail.com> wrote:

> I'm trying to understand the principals and benefits of using pgp/gpg
> I think I understand that I send the part of my key that is public to
> somebody and they use that key to encrypt a message which only I can
> decypher.
> So what if somebody uses my public key to send me a message purporting
> to come from somebody else ?
> what is the mechanism to ensure it came from who I think it did ?

    You are refering to the 2nd part of crypting: signature.
    Crypting to your key is only to ensure that you'll be the only one to read it, but you are supposed to know what you'll find in the message.
    Signing is dedicated to the receipient: it allows him to be sure that the message comes from exactly you.

-- 
Laurent Jumet
      KeyID: 0xCFAF704C