Quote from: sativo on November 17, 2012, 07:41 pmWhen we buy from a vendor, we import their keys into PGP and write out our address in the clipboard, then encrypt it using their key right?My question is, do we include our own key in the message, and are we meant to click "sign" along with encrypt?ThanksYou can include a copy of your own key under the address information that you send to the vendor. THIS IS IMPORTANT -- NEVER, EVER, SIGN ANYTHING RELATED TO A TRANSACTION WITH A VENDOR. Once a message is signed, and the signature verifies, it is impossible to disavow such a message as a forgery. Why do you think that DPR signs his messages? He signs them precisely to assure all of us that the messages are genuine, and not forged. If a vendor were ever busted, and a copy of your signed message fell into the hands of the authorities, this would provide them with a signed confession to a criminal offense. That is why you never sign anything that could be incriminating in the slightest degree. Nightcrawler