[ubuntu-in] GPG Key and Fingerprint

Parthan SR parth.technofreak at gmail.com
Fri Apr 3 07:50:59 BST 2009 

ambika divya wrote:
> Can any one explain me .....what is that terms ?
> Is this is any membership/admin  identification number  etc?
> This query is not regarding Ubuntu , i am sorry .
> But I am really want to know .
>   
GPG Keys serve two purposes, the main purpose is to encrypt data/files 
and securely transfer them to someone whom you trust without others 
being to sneak in the middle, and vice versa. The whole idea is to have 
a pair of keys, one is private and the other is public. You can share 
you public key with your friends, to whom you want to send and receive 
files, and also get their public keys.

Take a scenario when your friend X wants to share a secret letter with 
you. He wants only you to read it and not anybody else to. So he 
encrypts the secret letter file using your public key. Now to read that 
letter one needs to have the corresponding private key to decrypt the 
letter, which only you have (remember it is your *private* key). So he 
sends you the encrypted letter and you decrypt it using your private key.

Similarly if you want to share something with your close friend, you 
have his public key and hence you encrypt with his key and send him the 
encrypted message across. He will use his private key to decrypt and get 
the message.

To know more read,
[1] http://aplawrence.com/Basics/gpg.html
[2] http://madboa.com/geek/gpg-quickstart/
[3] http://www.gnupg.org/

The second purpose is to make a chain of trust by getting the keys 
signed. For example, if I have my keys signed by few members who are 
also Ubuntu members, then for a third person who is interested in 
finding my recognition and trust within Ubuntu circles it might serve as 
proof that am trusted as my keys have been signed by them. Signing of 
keys happens by physically sharing your public key and fingerprint, and 
importantly proving your claimed identity. You can search for my public 
keys and find out who all have signed my key and who they are really ;-)

-- 
With Regards,
Parthan SR "technofreak"

GPG Key     2FF01026
Fingerprint 5707 ECBD 8D8D 8E6E 28F8  DFA5 938B D861 2FF0 1026
Weblog      http://blog.technofreak.in

More information about the ubuntu-in mailing list