[Dshield] Outlook & PGP signed e-mail. Was: ID theft ring hits 50 banks, firm says
Valdis.Kletnieks at vt.edu
Wed Aug 10 08:09:57 GMT 2005
On Wed, 10 Aug 2005 09:55:18 +0200, Bo Nordgren said:
> Well.. I do have to disagree since it takes the private key to encrypt the message and
> the public key is only used for unencrypting it. If the private key is available you can
> just chuck the signing out the window since it becomes a pretty useless waste of resources.
Actually, that's backwards. The sender encrypts with the recipient's *public* key,
and signs with their own private key. The recipient decrypts with their own
private key, and verifies the sig with the sender's public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050810/8fd5bcd3/attachment.bin
More information about the list