[SpamCop-List] Re: Att: Paul Johnson: PGP signature in spam
porpoise1954 at yahoo.co.uk
Sat Sep 18 23:26:37 EDT 2004
"helge" <masfjorden at spamcop.net> wrote in message
news:cife1q$kqk$1 at news.spamcop.net...
> Graeme Leith wrote:
> > The signature is real, but useless in the context in which you received
> > Each time you use PGP/GPG to sign something, the signature is different.
> > The encrypting software takes a hash of the message being signed and
> > then encrypts it with the private key of the person doing the signing.
> > When the receiver gets the message, they can decode the signature using
> > the senders public key to get the message hash and then generate the
> > hash for the message they received. If the two hash values are
> > identical, then the owner of the key sent the message and it was not
> > tampered with.
That's why it's pretty pointless for posting in a
> Thanks for an instructive reply.
> I have a problem with the word hash, though. Ordinary dictionary
> explanations don't cover the sense you are using, but it seems to be
> programmer's jargon as found at
> http://dictionary.reference.com/search?q=hash%20coding ,
> not very illuminating for a layperson, but I get the idea.
> helge (who won't use PGP)
More information about the SpamCop-List