Security Basics mailing list archives

Re: PGP encrypted email - basic questions


From: Timothy Pollard <t.pollard.12 () scu edu au>
Date: Sat, 30 Dec 2006 15:21:19 +1100

On Fri, 29 Dec 2006 09:00:43 -0600
Dave Moore <dave.j.moore () gmail com> wrote:

> Hello all-
>
> I'm trying to get started with PGP and there are some concepts I am
> having trouble with.
>
> I understand that a recipient of a PGP signed/encrypted message will
> have to get my public key to decrypt said message. What I don't
> understand is how this is carried out in a seemingly automatic fashion
> for many of the email messages I receive, e.g. postings from mailing
> lists, in which I see the 'BEGIN PGP SIGNED.. ' and the signature at
> the end. I didn't decrypt these messages, and I have no idea how they
> got decrypted.
>
> When I encrypt a message and send it to myself, the message I see is
> decidedly not decrypted. I did notice this header..
>
> OpenPGP: id=5847D5CF;
> url=http://random.sks.keyserver.penguin.de:11371/pks/lookup?op=get&search=0x5847D5CF
>
> in the outgoing encrypted test message I sent, which leads me to
> suspect that it might have something to do with this process, but
> still, my message is not decrypted.
>
> How does this work?
> Dave

The messages you've received are signed, not encrypted. You sign a message so
that the recipient can use your public key to check that you were actually the
one who sent the message. Your email client is not actually decrypting the
message, because the message is sent as plain text with a digital signature.
You should be able to set up your email client to check the
signature automatically; check the documentation.

You encrypt an email with the recipient's public key so that only they can
decrypt it. Theoretically the email you sent to yourself should have used your
public key for encryption and you will be able to decrypt it with your private
key. You may be able to set this up to happen automatically depending on your
client.

Hope this helps,
TimP
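
The distinction drawn in the reply above, as an added example that is not part of either post: a clearsigned body carries its text in the open between the armor lines, while a 'BEGIN PGP MESSAGE' body is opaque until decoded. The function names and both sample bodies are constructed for illustration (the armored data is a placeholder), and the code only reads the text; checking the signature still needs the sender's public key and a PGP implementation.

```python
# Constructed samples: the armored bodies are placeholders, not real PGP data.
SIGNED = (
    "-----BEGIN PGP SIGNED MESSAGE-----\n"
    "Hash: SHA1\n"
    "\n"
    "Hello list,\n"
    "- - item sent dash-escaped\n"
    "Dave\n"
    "-----BEGIN PGP SIGNATURE-----\n"
    "\n"
    "PLACEHOLDERnotARealSignature\n"
    "-----END PGP SIGNATURE-----\n"
)
ARMORED = (
    "-----BEGIN PGP MESSAGE-----\n"
    "\n"
    "PLACEHOLDERnotRealCiphertext\n"
    "-----END PGP MESSAGE-----\n"
)


def classify(body):
    """Tell a clearsigned body from an opaque armored one by its first armor line."""
    first = body.lstrip().splitlines()[0] if body.strip() else ""
    if first == "-----BEGIN PGP SIGNED MESSAGE-----":
        return "clearsigned"
    if first == "-----BEGIN PGP MESSAGE-----":
        return "armored"  # typically encrypted; unreadable without decoding
    return "plain"


def cleartext(body):
    """Return the readable text of a clearsigned body; no key is involved."""
    lines = body.lstrip().splitlines()
    start = lines.index("") + 1  # the blank line ends the Hash: headers
    end = lines.index("-----BEGIN PGP SIGNATURE-----")
    # Undo dash-escaping: a line that began with '-' was sent as '- ' + line.
    return "\n".join(l[2:] if l.startswith("- ") else l for l in lines[start:end])


def openpgp_header(value):
    """Split an 'OpenPGP:' mail header value into its id/url parameters."""
    return dict(p.strip().split("=", 1) for p in value.split(";") if "=" in p)


if __name__ == "__main__":
    print(classify(SIGNED), "->", repr(cleartext(SIGNED)))
    print(classify(ARMORED))
```

The `OpenPGP:` header quoted in the question only tells the recipient's client which key id to use and where to fetch it, which is what `openpgp_header` extracts; it plays no part in decryption.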
