On Fri, Jun 10, 2005 at 10:02:46PM +0100, Lee Braiden wrote: > On Friday 10 Jun 2005 21:57, David Jardine wrote: > > I had this problem a week or two ago (I think I reported it in > > panic on this list). It went away as suddenly as it appeared, but > > I'd be interested to know how GPG solves the problem - and what the > > best source of documentation is for GPG. > > GnuPG does two things: encryption, and authentication.. The authentication > provides a digital signature, which serves the same purpose as a traditional > signature: proving who someone is. Actually, they're MUCH better than > traditional signatures, when used correctly. > > GnuPG does both of those things by using keypairs: public and private keys. > Everyone has a secret key, and then one which they publish. If you have the > public key of someone else, you can check everything signed by that person > against their public key, and so you know that the person who wrote it is who > they say they are.
Right, I understand the principle from using ssh. > > I'm not sure how you would use this for preventing spam, though. Presumably, > you would only accept email from people whose public keys you have. To me, > that's like mining your garden: it might keep people away, but it'll keep > everyone away, and it makes it tough to enjoy your garden, too. Maybe I > don't fully understand though. It's not a question of preventing spam coming to me - the bounce messages I had may have been based on incompetent software as some people have suggested but to me they seemed legitimate responses - but of spam going out under my name. Clearly, there is no magic that gpg can do to prevent that. Thanks for your help, David -- David Jardine "Running Debian GNU/Linux and loving every minute of it." -L. von Sacher-M.(1835-1895) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
