Hi,
I am new to this forum and to messaging encryption, and was not able to find the answer in the Enigmail doc. So I have what may seem to be a trivial question, because I am trying to get my head around how the mechanism works: what is the effect on the recipient and the message itself if I only sign an outgoing e-mail? I sent a signed e-mail like this to another e-mail address of mine and received it with the green Enigmail heading about the signature. Does this mean that this email receives some form of encryption as well? Otherwise what is the usefulness of just signing e-mails like this?
I ask this because I'd like to make sure my emails are encrypted, at least while they are in transit, to whoever I write to even in a weak form, so to speak, so that I do not have to send my private key each time (or only to specific people). Does it make sense? On the other hand I do not want to send emails that are unreadable.
Regards
Hi Antonio,
Signed-only mails are not encrypted. The unencrypted message text is accompanied by a digital signature, by which means the receiver can check that the message has not changed during transport.
The purpose is to guarantee authenticity, not privacy. This can e.g. be useful for public announcements.
If you want privacy, you must encrypt your mails. If you want authenticity, you must sign your mails.
And please: NEVER give away your private key. It should be kept by you and by nobody else. Everyone in possession of the private key can read your encrypted mails and send mails with your digital signature.
What you can - and should - give away is your public key. Every correspondent of yours needs to have a copy.
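The difference described in the answer above is visible in the mail itself: a signed-only mail carries its text in the clear next to a signature, while an encrypted mail carries only ciphertext. This added example (not part of the original thread and not Enigmail code) uses Python's standard `email` module to tell the two apart by PGP/MIME content type (RFC 3156) or inline armor header; `pgp_status`, `clearsigned_text` and the sample mail are hypothetical names and constructed data, and the code does not verify the signature itself.

```python
# Added example (not Enigmail code). The sample mail is constructed for illustration.
from email import message_from_string

def clearsigned_text(text):
    """Recover the readable text from an inline clearsigned body."""
    lines = text.splitlines()
    i = lines.index("-----BEGIN PGP SIGNED MESSAGE-----") + 1
    end = lines.index("-----BEGIN PGP SIGNATURE-----")
    while lines[i].strip():          # skip armor headers such as "Hash: SHA256"
        i += 1
    # Lines that begin with "-" are dash-escaped as "- " inside clearsigned text.
    return "\n".join(l[2:] if l.startswith("- ") else l for l in lines[i + 1:end])

def pgp_status(raw):
    """Return (status, readable_text); status is 'signed', 'encrypted' or 'plain'."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/encrypted":
        return "encrypted", None     # only ciphertext travels with the mail
    if ctype == "multipart/signed":
        part = msg.get_payload(0)    # part 0: text in the clear; part 1: signature
        charset = part.get_content_charset() or "utf-8"
        return "signed", part.get_payload(decode=True).decode(charset)
    text = "" if msg.is_multipart() else msg.get_payload()
    if "-----BEGIN PGP MESSAGE-----" in text:
        return "encrypted", None
    if "-----BEGIN PGP SIGNED MESSAGE-----" in text:
        return "signed", clearsigned_text(text)
    return "plain", text

SIGNED_MIME = """\
Subject: constructed sample
Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8

Meeting moved to 15:00.
--b1
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
(placeholder, not a real signature)
-----END PGP SIGNATURE-----
--b1--
"""

if __name__ == "__main__":
    print(pgp_status(SIGNED_MIME))   # the text is readable without any key
```

Checking that the signature is valid is a separate step that needs the sender's public key and OpenPGP software such as GnuPG.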
Hi Ludwig,
OK, now I understand. Thanks for your explanation.