Cunningham Law (backfired terribly)

Can someone please explain why PGP is needs all of these? All explanations of public key encryption mention any email embedded emails.

And I probably don’t completely understand what PGP is, so please give me a good article or video on it.

  • Max-P@lemmy.max-p.me
    link
    fedilink
    arrow-up
    10
    ·
    4 months ago

    I mean you can make one without the metadata or phony metadata, it’s primarily used by software to validate you. It’s not like it validates any of the info. You can put [email protected] as your email of you want, good enough.The general idea is that a PGP key is an identity, not just a key pair. There’s plenty of non-PGP ways to make key pairs.

    It’s useful when other people look through their keyring, so I can easily find which key I’m looking for. People don’t usually go find your key every time you want to send a message, they import your key then specify the ID or email of the key to use which is usually automatic based on who you’re emailing. And then when you message back, they want their messaging client to be able to look up your key and validate it automatically. I’m not going to go browse my files to find your key again to verify every single one of your messages. And I’ll be messaging you at some email address or other identifier somewhere anyway, so the key ends up tied to a form of identity regardless.

    • RatoGBM@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      4 months ago

      Thanks, exactly what I wanted to know. This explains a lot.

      There had to be some reasoning behind it after all.