24 Jun
2019
24 Jun
'19
8:27 a.m.
On Mon, 24 Jun 2019 11:25:04 +0530, Ram Kumar via aur-general wrote:
the signature which is attached here with, is a public key of yours and can be used to encrypt the messages which are to be sent to you, and you can decrypt it using ur private key.
Am i understood correctly?
The purpose of signing messages, which is usually frowned upon on almost all mailing lists, ensures that the content of a mail can't be changed without getting attantion and to ensure that the sender _is_ really the sender and not just somebody who pretends to be the sender. This works even while those mails are _not_ encrypted. You need to import the public key, to verify the signed email and you need to maintain a web of trust, to verify the imported key first.