[Enigmail] Personal Keys

Charly Avital shavital at mac.com
Fri Jan 18 10:35:48 PST 2008 

Les wrote the following on 1/18/08 12:49 PM:
> Hi Guys,
> This group has allowed me the first opportunity to experiment with
> encrypted mail which I am grateful for. I wonder though about the
> wisdom of giving out keys to an open forum. Is this not compromising
> one's abilty to protect encrypted email since anyone with the key
> can open it? I suspect not but I have to ask the question - as you
> see I have not signed this email (- not sure if that's an requirement
> to send to the group but I will soon find out -)

Les,

The only key you are "giving out" is *your* public key. And it is called 
*public* for a reason.

This key, your public key, will enable other people to use it in order 
to send *you* encrypted messages, that *only you* will be able to 
decrypt, because you are the *only person* who owns the *secret* key 
required to decrypt a message that has been decrypted using *your* 
public key.

I don't like to say to new comers "Read the .... manual", but I believe 
you could gain from reading about Public Key Encryption.

> 
> Maybe it is a mute point

I don't want to sound pedantic, and as English is not my mother tongue, 
I'll go on a limb and assume that you meant "...it is a moot point..."

> as encrypted signing only verifies that I am
> the sender but it brings into question the wisdom of posting to a key
> server, yes or no?

Again I don't want to sound pedantic, but "encrypted signing" does not 
make sense *to me*. Maybe you meant "...digitally signed using GnuPG...".

You sign a message using your secret key (you probably noticed that you 
are required to enter your passphrase when signing a message). 
Recipients of your signed message, if they have your public key in their 
rings, can verify your signature. If your signature verifies, it means that:
1. there is a match between the signing key (your secret key) and the 
key used to verify the signature (your public key).
2. the contents of the signed message have not been tampered with, 
manipulated, or modified.

If you sign a message, you expect its recipient or recipients to be able 
to verify the signature. They need your public key, and that's the 
reason, if not the rationale behind uploading your *public* key to a 
keyserver.

Of course, it is your absolute privilege *not* to upload your public key 
to a keyserver, but to make it available *only* to the recipients you 
send signed messages to, or to people you want to have your public key 
in order to verify your signature and/or to encrypt messages destined to 
be decrypted and read only by you.

> 
> I would appreciate it if there was some discussion on this point just
> for clarification of what our limitations are here. I suspect I don't
> quite understand the concept as it doesn't make sense that anyone who
> can verify who you are can open your encrypted email.

I am not the keeper of this list, but I believe the list is open to this 
kind of discussion. Although in my unprofessional opinion, you would 
benefit by reading some basic material about public key encryption, the 
web of trust, etc.

Again, and for the last time I hope, I'll try to clarify:

- "...anyone who can verify who you are can open your encrypted email".

Anyone who has received from you (of from anybody else for that matter) 
an e-mail encrypted with his/her public key, can decrypt that e-mail. 
And vice-versa, when you receive from anyone (who has your public key) 
an e-mail encrypted with *your* public key, *you* are the only one that 
can decrypt and read that e-mail, because you are the only one that has 
the secret key required to decrypt the public key.

As for verifying who you are, I'll walk on egg-shells and try to explain.

Verifying your digital gpg/pgp signature does not verify who you are. It 
only verifies that the signature was made using a secret key whose 
corresponding public key is included in the recipient's public keyring.

This software verification could lead to more specific actions that 
would prove who you are, like meeting personally, face to face, and 
proving ownership of the public key, or other accepted and logical ways 
to establish and prove your identity and others' identity. All this is 
abundantly explained, and more clearly that I have tried to do here, in 
the documentation of Public Key Encryption, PGP, GnuPG, etc.

I have taken too much space and time of this forum. Please watch out for 
more professional answers.

Charly

More information about the Enigmail mailing list