On 07/28/2014 08:04 PM, Pete Stephenson wrote:
> I told to my self that it would be interesting as securing method to
sign
> stuff with a private key "with out having the public key". this
would mean that only
> the person who has public key would have access to the data with out
needing
> a password.
When would this be useful? The public key is public, and anyone with
it could decode the message. To secure a message such that only the
desired recipient can read it, you should encrypt a message to the
recipient's public key so that only their private key can decrypt it.
Simply put, I don't understand a situation where using your system
would be an improvement over the current system, but perhaps I
misunderstand sometihng.
Using this method there is no "password required", it is only need to
know how to rebuild the public key. So you can safely store
a "damaged public key" on your computer/web server/ whatever and if
some one steal it he won't be able to get your information.
I find this very attractive, because i could damage the key and still
remember how to fix it many years after, But it is by sure that
i wont remember an unic password 5 or 10 years after. ( maybe other
people can )
> (and the person with the private key too i think, it would be great
if only the person
> with the public key can decrypt the data, maybe there is one option,
i'll check for that.)
>
> So why i was asking about the CRC error?
Because the key was modified in a way that GPG did not expect.
This one was funny, actually it was a rhetorical question, and the
explanation was the following text.
(My English is not pretty good and my syntax is not American...)
> when i was testing this method, i removed the keys from my keyring,
and then
> i imported only the secret key. For my surprise there was also the
public key.
> Is there anyway to only import the secret key?
The public key can be (and is) regenerated as needed from the private
key. If you import a private key and there is no corresponding public
key in the keyring, GPG automatically recreates the public key and
puts it in the keyring. As far as I know there is no way to import
only a private key without the corresponding public key.
Thanks, this information was really useful. I can still making a super
complicated password and store the damaged public key. If some day i
forget the password I'll be able to rebuild the public key!
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
