Mailinglist Archive: opensuse (2700 mails)

< Previous Next >
Re: [SLE] gpg with email clients (was Re: [SLE] Dead Linux machines)
  • From: James Knott <james.knott@xxxxxxxxxx>
  • Date: Sat, 02 Jul 2005 18:45:16 -0400
  • Message-id: <42C718FC.1090800@xxxxxxxxxx>
Anders Johansson wrote:
> On Sunday 03 July 2005 00:02, James Knott wrote:
>>Mozilla and many other mail programs also support S/MIME encryption and
>>signature. You can get a free digital certificate from
>>www.thawte.com/email.
>
> Doesn't encrypting using a key someone else created defeat the purpose of it?
> The private keys should be kept private

The only one who'd have the private key is the person who generated it.
It's merely certified by Thawte. However the public key can be
distributed far and wide. So if I want to send you an encrypted e-mail,
I'd encrypt with your public key. The encrypted message can only be
read by someone possessing the private key. The signing works in
reverse. A message signed with a private key, can only be verified by
the public key. Any e-mail program capable of using S/MIME keys can
have them verified by the key authority. The S/MIME keys are
functionally equivalent to the GPG keys, for encrypting and signing.

While GPG is great for personal use, many businesses will accept only
S/MIME.

< Previous Next >