PGP Encryption
Trevor Smith
pmmail@rpglink.com
Wed, 15 Mar 2000 22:22:12 -0400 (AST)
On Wed, 15 Mar 2000 13:14:25, Brian Morrison wrote:
>An RSA private key can both decrypt and sign, so if someone has you
>decryption key they can also impersonate you. DH keys have a signing
>key that is actually a DSS (digital signature standard) key, 1024 bits.
>This is used for signing, the DH private decryption key is *never* used
>for anything other than decryption. This ensures that no one can
>impersonate you if they are granted legal access to your decryption
>key.
Interesting and potentially useful. Though I hope that the percentage
of people who must "grant legal access" to their private keys is very
small.
>Sorry to keep on about this Trevor, but some of us simply don't trust
>any government anywhere and must take our security into our own hands.
Please don't apologize! I asked for more information because I wanted
it. :-)
I'm not particularly distrustful of my government (at least not as
much as some Americans and maybe Brits) but I definitely value
encryption (even though I've never had any good reason to use it). I
think everyone really should have PGP installed and it should be a
standard email protocol. Like they say, you don't send every letter
on a postcard, do you?
--
Trevor Smith | Most of humanity has always been
trevor@haligonian.com | insane, at least some of the time.
www.haligonian.com | - Arthur C. Clarke