How does the signature technical works? As the encryption with
pgp(asyemtric encryption)?
How save is this signature?
Is it possible to change my signature on Linux/thunderbird? And how?
Which data does the signature needs? pup key from pgp?
Does it need the same pgp key as the encryption for my email?
regards
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
But if you want a short answer, then yes, it works the same as with PGP.
How save is this signature?
It's impossible to say without knowing what your threat model is. I can
say that the sort of signatures Enigmail is commonly used to generate
(2048-bit RSA) is believed safe until 2030, and that everything from
Amazon to DNS roots uses it.
Is it possible to change my signature on Linux/thunderbird? And how?
Change it, how?
Which data does the signature needs? pup key from pgp?
To sign a message requires your private key. For someone to verify a
signature requires a copy of your public key.
Does it need the same pgp key as the encryption for my email?
No, and in fact different keys are used for signing and encryption.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
On 5/11/2020 10:30 AM, feldmann_markus@users.sourceforge.net wrote:
Is it possible to change my signature on Linux/thunderbird? And how
Let me add this to another response you got from Rob. If you think is a
fixed thing (like a handwritten signature), it isn't, so you don't
"change it". A signature is the large value that is the output of some
calculations involving the value of your private key and the value of
the information being signed. Your signatures change with each
different message (or file) you sign.
Hello,
How does the signature technical works? As the encryption with
pgp(asyemtric encryption)?
How save is this signature?
Is it possible to change my signature on Linux/thunderbird? And how?
Which data does the signature needs? pup key from pgp?
Does it need the same pgp key as the encryption for my email?
regards
Full details can be found in RFC4880:
https://tools.ietf.org/html/rfc4880
But if you want a short answer, then yes, it works the same as with PGP.
It's impossible to say without knowing what your threat model is. I can
say that the sort of signatures Enigmail is commonly used to generate
(2048-bit RSA) is believed safe until 2030, and that everything from
Amazon to DNS roots uses it.
Change it, how?
To sign a message requires your private key. For someone to verify a
signature requires a copy of your public key.
No, and in fact different keys are used for signing and encryption.
On 5/11/2020 10:30 AM, feldmann_markus@users.sourceforge.net wrote:
I noticed in Linux/Thunderbird/Enigmail i have no option to select the pup-key i want for signing?! Is this correct?
Currently i have only 2 gnupgp keys(manually generated)!
Which does Thunderbird/Enigmail use for signing? Randomly?
Or first key in file directory list?
Last edit: 2020-05-12
You can select the key in the Account Settings under OpenPGP Security.