I use GPG to sign my outgoing emails.
I understand how it works when I encrypt mail to send to someone else. Then I need his/her public key, encrypt it with that, and only he can decrypt it using his private key.
What I understand from signing my outgoing mail, I use my private key to do this. The receiver doesn't need to use GPG (to read the mail), and I don't need their public key. I suppose my public key is used by the receiver to check if the signature is legit, but maybe I misunderstand.
How can they use my public key to verify that my signature is valid?
Aucun commentaire:
Enregistrer un commentaire