From 94a2e9fe7816e44f682fd42da6463dc6ee142072 Mon Sep 17 00:00:00 2001 From: Siri Reiter Date: Sat, 1 Jun 2019 19:25:06 +0200 Subject: Initial commit. --- pgp.txt | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 pgp.txt (limited to 'pgp.txt') diff --git a/pgp.txt b/pgp.txt new file mode 100644 index 0000000..be007d9 --- /dev/null +++ b/pgp.txt @@ -0,0 +1,60 @@ +Trusted e-mail + +Attitude +----------- +Please insist to understand! + +PGP +----- +Pretty Good Privacy +Used to sign (and encrypt) digital files, mostly used for emails. +A digital fingerprint +A key pair with a public and a private part +You can have as many keys and indentities as you wish + +Form +------- +1. +A computer with you in full control + Free software makes it possible to verify all code + [DebianParl] + Full disc encryption +2. +E-mail address + External email address +3. +Mail list communication + [List address] + +Create your identity +-------------------------- +1. Use a working email account +2. Think of a good passphrase +3. Use a PGP tool (we use an email plugin) +4. Create a new key pair (with default settings) +5. Keep your private key secret and share your public key with the World + +Support someone's identity +------------------------------------ +1. Get her public key +From a key server or on a usb-stick +Name, email address, public key (last 8-16 digits) + +2. Verify that the fingerprint of her public key matches the fingerprint of the key you have received + +3. Sign her public key (with your private key) + +4. Pass your signature to her +Send an email or use a PGP server or a USB stick + +Use +----- +Your email application handles the signing of your emails +When you send a signed email, write your passphrase +When you receive a signed email, write your passphrase +You can sign other files as well. You can also use your PGP-key for encryption, but that is not the aim of this project*. + +Invalidation +--------------- +If your signature has been compromised +Ask your keyhandlingapplication to invalidate your key -- cgit v1.2.3