---

ext2: E-Mail Security: GnuPG or PGP?

[ Thanks to Rob
Kennedy
for this link. ]

“One of the few things that pretty much _everyone_ does with
their computer these days is to send and receive email. Keeping up
with old friends that have moved half a world away, or discussing
business with co-workers across the hall. Email is the original
“killer app” for the net. It doesn’t cost anything over having your
net access and as a way to communicate, it can’t be beat.
Everyone’s doing it…

“PGP is a “public key” system. You use a pass phrase (along with
a lot of random bits) and PGP generates a secret key (which you
keep) and a public key (which you publish and send to all your
friends). When someone wants to send you a message, they encrypt it
with your public key, which results in a message that only the
holder of the secret key and pass phrase can decrypt. Pretty
simple…”

“Another problem with email that PGP and the like solve is that
there is no way to tell if a particular email came from a
particular person. Email is notoriously easy to forge. PGP and the
like allow you to “sign” your email in a way that can be verified.
Your message might still be readable (if you just want to sign it,
not encrypt it), but if it has been tampered with, the recipient
will know it. This is becoming more and more important on the net,
since more crucial decisions are being made through email…”

Complete
Story