Silk Road forums

Discussion => Security => Topic started by: NorthState on January 04, 2013, 10:40 am

Title: Whos PGP key i should use when encrypting private message?
Post by: NorthState on January 04, 2013, 10:40 am

Whos PGP key i should use when encrypting private message, do i use my key or do i copy key from a vendors profile and use that to encrypt a message?

Title: Re: Whos PGP key i should use when encrypting private message?
Post by: SelfSovereignty on January 04, 2013, 10:43 am

You use THEIR key.  This also means that you have no way of decrypting the message after encryption -- only the private key that was generated along with the corresponding public key that you use to encrypt messages, can decrypt the result.

So if you want an encrypted answer back, you should include your own public key in the message to your vendor so they can use it to send you a message back.

Title: Re: Whos PGP key i should use when encrypting private message?
Post by: NorthState on January 04, 2013, 02:07 pm

Thank you very much. :)

Title: Re: Whos PGP key i should use when encrypting private message?
Post by: Gruzel on January 05, 2013, 12:10 am

Also important to note, depending on your PGP program it may automatically include your own key in the encrypt-to section, you want to REMOVE this, so that the message is not linked to you.  You also do NOT want to "SIGN" the message.  Signing and adding your own key should only be used if you want to PROVE you are the sender--so don't do it for things like sending in your address.