TIP: Click on subject to list as thread! ANSI
echo: osdebate
to: Antti Kurenniemi
from: John Beckett
date: 2006-03-29 09:02:08
subject: Re: Thunderbird

From: John Beckett 

"Antti Kurenniemi"  wrote in
message news::
> Zoink -> quick jump to a whole different topic here: What's with
the "PGP
> signed message" stuff in this posting?

A bit more technical stuff...

A message can be:
- Signed, or
- Encrypted, or
- Signed and encrypted.

Signed = signature appended to message. The "BEGIN" stuff
indicates the region of the message that is checked by the signature, and
the actual signature. Outlook (not PGP) uses S/MIME to specify these
regions.

Signature = Hash of message combined with private key of sender (in this
case, the hash algorithm was SHA-1).

You could get the public key of the sender, and use it to check the
signature. If ok, you know the sender had the private key (proving who the
sender was), and you know the message has not been altered.

For encryption, a random session key is created by the sender. That key
encrypts the message. The session key is then encrypted with the
recipient's public key, and appended. The recipient uses their private key
to decrypt the session key, then uses the session key to decrypt the
message.

John

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270
@PATH: 379/45 1 106/2000 633/267

SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.