Author

Topic: PGP? (Read 1134 times)

legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
March 16, 2013, 12:40:12 AM
#19
Ill be honest, I managed to use pgp to access the OTC but I still have no idea how to sign an email.

You don't need to sign the email you can sign a plain text message (just like in OTC) and just paste the signed message into the email.

File attachments work better for validation
donator
Activity: 1218
Merit: 1079
Gerald Davis
March 13, 2013, 10:17:36 AM
#18
Ill be honest, I managed to use pgp to access the OTC but I still have no idea how to sign an email.

You don't need to sign the email you can sign a plain text message (just like in OTC) and just paste the signed message into the email.
legendary
Activity: 1400
Merit: 1013
March 13, 2013, 09:16:21 AM
#17
Ill be honest, I managed to use pgp to access the OTC but I still have no idea how to sign an email.
The best solution is to use Thunderbird with the Enigmail plugin to read and send email, or perhaps I should say the "least suboptimal" solution since "best" doesn't accurately describe the situation.
legendary
Activity: 1018
Merit: 1000
March 13, 2013, 09:14:01 AM
#16
Ill be honest, I managed to use pgp to access the OTC but I still have no idea how to sign an email.
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
March 13, 2013, 08:45:30 AM
#15
Just don't do this ...



http://xkcd.com/1181/

Visit the site to see the bonus mouse over message.

so funny and I believe that is true, nobody is going to "verify" signatures of messages on their own. (or out of band key verification haha)
hero member
Activity: 504
Merit: 500
WTF???
March 11, 2013, 04:42:28 PM
#14
Just don't do this ...



http://xkcd.com/1181/

Visit the site to see the bonus mouse over message.

wow...
donator
Activity: 1218
Merit: 1079
Gerald Davis
March 11, 2013, 04:06:32 PM
#13
Just don't do this ...



http://xkcd.com/1181/

Visit the site to see the bonus mouse over message.
legendary
Activity: 1358
Merit: 1002
March 11, 2013, 02:42:50 PM
#12
I like gpg4usb for practical reasons.
full member
Activity: 126
Merit: 100
March 11, 2013, 02:42:25 PM
#11
PGP? Just search and learn it, it's simple!
sr. member
Activity: 476
Merit: 250
March 11, 2013, 02:29:44 PM
#10
Which takes what is ever in your clipboard and sends it to gpg to verify...

I just thought of something. We should have a small keysigning for those of us with pgp keys that are only used for this forum. It might help increase trust. Or maybe even start an argument. We don't have enough of those around here. Smiley

Just a thought. I'm sure there's a problem with it that I didn't see and someone will surely let me know.
sr. member
Activity: 476
Merit: 250
March 11, 2013, 02:10:59 PM
#9
https://www.gpgtools.org works like a champ on OSX. It runs as a service so all app are exposed to it.
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
March 11, 2013, 02:04:50 PM
#8
I just created my very first PGP key the other day via HostGator cPanel. Very easy to do. Now, how to use it is something I guess I'll learn soon enough. You you guys thought I was special ridin' in this here short bus.  Roll Eyes
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
March 11, 2013, 12:14:18 PM
#7
I understand encryption, I'm just wondering how it works posting it on the forums. Is it basically just a type of public key encryption, the public key is provided, and is used to verify the characters given?

I guess you wouldn't post encryption on forums unless it is within a "known" group or a "single" recipient like Private Message. other than that its just funky for forums open discussion.
sr. member
Activity: 350
Merit: 251
March 11, 2013, 12:00:35 PM
#6
I understand encryption, I'm just wondering how it works posting it on the forums. Is it basically just a type of public key encryption, the public key is provided, and is used to verify the characters given?
hero member
Activity: 898
Merit: 1000
March 11, 2013, 11:15:17 AM
#5
As well as signing messages, PGP is also used to encrypt messages containing confidential information. You can safely send a private message to someone encrypted using their public key, and not have to worry about it being intercepted at any point. Only the owner of the private key can decrypt the message to reveal its contents.
legendary
Activity: 1400
Merit: 1013
March 11, 2013, 10:52:32 AM
#4
I don't like Kleopatra on Linux or Windows; it's a generalized solution to a problem that most people don't have.

GPA or KGpg work well, along with the Enigmail plugin for Thunderbird.

FireGPG (browser plugin) is dead, although the code on GitHub mostly works. The replacement WebPG is under development but doesn't work very well yet.
legendary
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
March 11, 2013, 10:13:05 AM
#3
If you use windows you can use GPG4Win I hear thats pretty useable and the interface looks easy on linux there is Kleopatra and lots more. I'm working on a P2P Crypt device that incorporates not only gpg4win/kleopatra encrypt/decrypt functions but also provides easy secure messaging to one another.
sr. member
Activity: 374
Merit: 250
Tune in to Neocash Radio
March 11, 2013, 09:55:34 AM
#2
In response to your second question.  If someone changes the message than you can check the signature and it will come back as invalid.  You would need the private key to sign the new message with the correct signature.  To check the signature you would need the public key of the person sending the message. 

PGP keys are used by people who place trades so that they can have a consistent, almost unhackable, identity.  Reputation can be built on this identity. 
sr. member
Activity: 350
Merit: 251
March 11, 2013, 07:13:12 AM
#1
I've been seeing lots of messages with PGP since I started on here, and I've been wondering exactly how it works. Is it basically a hash of the message, using the PGP key as a salt? Is there some kind of "how PGP works" article that explains this well?

Also, what exactly is the point of using PGP on the forum? If someone were to change your message, couldn't they also change the signature? Or do you have a private key, too?
Jump to: