PGP and GnuPG provide a much less passive experience, and it requires a little explanation and some setup before we can get into using it. SSL browsing is transparent to us largely because browser programmers make a few assumptions on our behalf, including how much trust we should place in the CA that signed a Web site’s certificate. Though it also uses public-key cryptography, SSL as we experience it in a Web browser is based on a model of authentication that relies heavily on third-parties, referred to as “ certification authorities (CAs),” that effectively vouch for the authenticity of a Web site’s cryptographic credentials. If the browser shows a little padlock icon somewhere, we decide our information is safe from eavesdroppers on the network. We make sure to stick an “s” at the end of “http” when we type in a URL, or we point our e-mail client at port 993 or 995 of an IMAP or POP server when we’re setting it up, and then we forget all about it. From our perspective as end users, this kind of encryption is a very passive process. SSL, for instance, is used to secure Internet traffic between your computer’s e-mail or Web client and a remote server.
We’re all used to dealing with some sort of encryption in our everyday net dealings. Both use a kind of cryptography referred to as “public-key” or “asymmetric.” With PGP or GnuPG, you gain the capability to encrypt or sign data in such a way that decrypting it is impractically difficult for any eavesdroppers, and altering data you’ve cryptographically signed without being detected is virtually impossible.
Gpg suite review how to#
Learn how to protect your e-mail and files you want to keep private using Pretty Good Privacy (PGP) encryption.Įarly last month I promised to get back to the topic of enhancing your digital security and privacy with PGP or its Free Software derivative, GnuPG.
0 kommentar(er)
