About PGP Signing a File.
Tony Arnold
tony.arnold at manchester.ac.uk
Sun Feb 11 09:21:36 UTC 2007
John Dangler wrote:
> On Sun, 2007-02-11 at 02:24 -0500, Matthew Flaschen wrote:
>> Joel Bryan Juliano wrote:
>>> Hi,
>>>
>>> I have a question regarding signing a file or binary, I installed
>>> Seahorse which is really awesome tool! And it has a nautilus-extension
>>> that easily Encrypt and Sign a file or directory by right-clicking the
>>> file. Can someone please tell me the use of signing a binary file or
>>> directory? I know it's important, but I really don't get it.
>> There's no use, unless you're planning on sending the file to someone.
>> If you do send it to someone, they can check the signature to verify you
>> sent it. Emails and most forms of electronic communication can be
>> easily forged, but signatures can't be.
>
> As in - gpg: armor header: Version: GnuPG v1.4.3 (GNU/Linux)
> gpg: armor header: Comment: Using GnuPG with Mozilla -
> http://enigmail.mozdev.org
> gpg: Signature made Sun 11 Feb 2007 02:24:30 AM EST using DSA key ID
> 3BBDED59
> gpg: Can't check signature: public key not found
>
> (this is what I see on your signature of your emails to the list)...
You need to import his public key from a key server somewhere and add it
to your keyring.
The question then is how much do you trust this key that you believe
belongs to a certain person?
Regards,
Tony.
--
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
More information about the ubuntu-users
mailing list