[Dshield] Outlook & PGP signed e-mail. Was: ID theft ring hits 50 banks, firm says

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Wed Aug 10 08:09:57 GMT 2005


On Wed, 10 Aug 2005 09:55:18 +0200, Bo Nordgren said:

> Well.. I do have to disagree since it takes the private key to encrypt the message and
> the public key is only used for unencrypting it. If the private key is available you can
> just chuck the signing out the window since it becomes a pretty useless waste of resources.

Actually, that's backwards.  The sender encrypts with the recipient's *public* key,
and signs with their own private key.  The recipient decrypts with their own
private key, and verifies the sig with the sender's public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050810/8fd5bcd3/attachment.bin


More information about the list mailing list