Code: Select all
-----BEGIN PGP SIGNED MESSAGE-----
is anyone interested in learning more about Public Key Encryption?
This would be GnuPG on our Linux systems -- or
PGP/Desktop for those needing an "official" commercial system.
Similarly we would use Enigmail on Thunderbird on our Linux systems
while those needing "official" commercial software would be using Outlook.
I think one of the aspects of Public Key Encryption is
that PGP or GnuPG provides authentication and integrity -- not just encryption.
Authentication allows you to verify that a message
is from the person who claims to have sent it.
Integrity allows you to verify that a message has not been altered "in transit"
Provided that you have a trusted copy of the other person's public key.
Which gets us into the subject of Trust Models.
These are discussed in Phil Zimmerman's original essay on PGP -- and --
as far as I'm concerned -- that's still the best read on the topic.
I'll sign this for you with GnuPG -- just for fun.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
-----END PGP SIGNATURE-----
my Public key is on the default server.
Link to Zimmerman's Original Document Vol 1
From my own studies it is my view that a lot of what we call "hacking" results from our failure to authenticate the credentials of sources that we communicate with . this would apply to software downloads as well as e/mails, credit card transactions, tax returns, web sites -- you name it.