Editing PGP

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 3: Line 3:
PGP public-key encryption is an important tool for private communication and many Noisebridgers use it. Our list of Noisebrifgers who use PGP keys would be happy to do a signing with you if you find them in the space. Please add yourself to the list if you'd like to do this too. Key signings could happen after our Tuesday meetings.
PGP public-key encryption is an important tool for private communication and many Noisebridgers use it. Our list of Noisebrifgers who use PGP keys would be happy to do a signing with you if you find them in the space. Please add yourself to the list if you'd like to do this too. Key signings could happen after our Tuesday meetings.
{{boxend}}
{{boxend}}
PGP is an open standard for encrypted and authenticated communications using computers.  You can use PGP to make sure your communications and data can't be decoded in-transit across the internet or on disk by anyone except the intended recipient.  Another feature of PGP is that messages that you sign with your public key can be mathematically proven to have come from you (because only you possess your private key).
Some people believe that all communications (including email) should be encrypted with PGP, but if you want to send a message to someone with PGP you need their public key.  People who use PGP want their public key to be widely known, so they post them online on keyservers.  They include the "fingerprint" of their public key (like 1AEF90F4) on their business card and in emails, so you can confirm that the public key you have for them is the right one.
If someone sends a plaintext message to the world, they can paste an authentication signature at the end of the message.  A person reading the plaintext message can compare the signature and the plaintext (together) with the public key of the person who claims to have sent the message.  If the signature matches their public key then it is proof that only that person could possibly have made that message.
If you want to use PGP, you need software.  A web application for this task would defeat the purpose, since you would be trusting a webpage with your private key, so this software has to run on your own computer.  The following programs are recommended depending on your operating system:
* Linux - GPG is The GNU Privacy Guard - [http://GnuPG.org]
* MacOS OSX - GPG works on MacOS just like it does on Linux
* Windows - Gpg4win (GNU Privacy Guard for Windows) is Free Software [http://www.gpg4win.org/]
Before you can do anything you must create your key pair - a private key for you, and a public key that you share with everyone else.  You can also tell people the "fingerprint" of your public key (like 1AEF90F4) on business cards and email so people can be sure they have the right public key for you.
Your private key will be protected by a long passphrase. If someone finds your passphrase, they can access your private key and decrypt messages sent to you, as well as pretend to be you. Thus you should be extremely careful to never copy or write down your passphrase. Also, if you forget your passphrase, you are completely out of luck and should just go cry.
After creating your key pair, you should generate a http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-key-revocation.html key revocation certificate] so that you can declare your public key void if your private key is compromised. You should also backup your public and private keys.
For more info on PGP, see http://www.pgpi.org/doc/pgpintro/.


* [[User:rubin110|rubin110]] - 1AEF90F4 - [http://rubin.starset.net/pgp.txt key]
* [[User:rubin110|rubin110]] - 1AEF90F4 - [http://rubin.starset.net/pgp.txt key]
Line 35: Line 15:
* [[User:Mrdomino|mrdomino]] - Need to find some more bits first
* [[User:Mrdomino|mrdomino]] - Need to find some more bits first
* [[User:flamsmark|Tom]] - [https://flamsmark.com/key.asc 80AF07D3] - Happy to sign keys any time, just catch me on email/IM or in the space.
* [[User:flamsmark|Tom]] - [https://flamsmark.com/key.asc 80AF07D3] - Happy to sign keys any time, just catch me on email/IM or in the space.
* [[User:yan|Yan]] - FAC78CF7 [http://web.mit.edu/zyan/www/zyan.txt key] - Embarrassingly lost my old key when I was young and reckless, and this one has no signatures.
* [[User:tensory|Ari]] - 5EE3ED34 - [[User:tensory|look here]]
* [[User:redondos|redondos]] - <code>gpg --keyserver pgp.mit.edu --search-keys CDB98F72</code>
* [[User:patrickod|Patrick]] - 31FE4222 [https://patrickod.com/gpg.key]
Please note that all contributions to Noisebridge are considered to be released under the Creative Commons Attribution-NonCommercial-ShareAlike (see Noisebridge:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:

Cancel Editing help (opens in new window)

Templates used on this page:

Retrieved from "https://www.noisebridge.net/wiki/PGP"