Suggest please

Henry Hertz Hobbit hhhobbit at
Fri May 3 14:05:02 CEST 2013

On 05/03/2013 08:45 AM, Lema KB wrote:

Werner is of course correct but since you need to do a send to
userid_1, userid_2, and userid_3  you will need the public key
for all three of the recipients.  You need the public key for
each person you want to send a public key enciphered (encrypted)
file or message to.

Public / Private Key Enciphering
- encrypted with the other person's (or people's) public key(s).
  No pass-phrase is required.
- can only be decrypted by the person (or people)  that has the
  private key(s) that is associtated with public key(s) that
  the file or message was encrypted with.  They also need to know
  the pass-phrase unless the pinentry program decides to supply
  their pass-phrase forever.  Don't laugh too loud. It happened
  to me.  I must provide my pass-phrase again now.  Thank goodness!

Private / Public Key signatures (used for verification)
- the file or message is signed with your private key. You must
  use your pass-phrase when signing.  This was most critical
  for the pinetry supplying the pass-phrase for me. You should
  be required to supply the pass-phrase for all signings with
  the only laxity being a one-time supply of pass-phrase for
  a batch of files.
- verified with your public key with them importing it and then
  giving it the proper (hopefully) level of trust when they edit
  and lsign / sign your public key.  They have known you all your
  life?  Then your key deserves the highest level of trust no
  matter what you do in life.  The verification is that the
  person is really who they claim to be.

My primer reference book is "PGP & GPG, Email For The PRACTICAL
Paranoid" by Michael W. Lucas.  I hope he gives another edition
some time since GPG4Win has improved and simpliied a lot of things
for Windows users.  Disclaimer:  I do NOT get a cut of the profits
from the sale of the book.


More information about the Gnupg-users mailing list