Subj : Re: PGP question
To : alterego
From : Adept
Date : Mon Jun 08 2020 07:23 am

al> If "B" signs a message that is sent to "C", but "C" only has "A"'s public
al> key, can "C" verify "B"'s message without asking for "B"'s public key?

Just so I'm understanding the question correctly, we're talking about some
sort of signature where you can decode it by using that user's public key,
correct?

Thus you somehow have to have B's signature, which was encrypted with B's
private key, become unencrypted by something other than B's public key?

That seems to be against the very idea of how a signature is supposed to
work. But maybe I'm missing something in the question.

And we're not counting things like A sending B's public key to C, right?
Because A could do that; it's just that you have to trust A to be sending the
correct public key, and not having just impersonated B the first time with
the signature.
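
Added example, not part of the original message: a Go sketch of the two cases discussed above, using Ed25519 from Go's standard library as a stand-in for PGP signatures. The `Cert` type and the `Certify` and `VerifyVia` functions are hypothetical names, and the message bytes are constructed samples.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert is A's signed statement "this public key belongs to Name".
// Hypothetical stand-in for an OpenPGP key certification, not its wire format.
type Cert struct {
	Name string
	Key  ed25519.PublicKey
	Sig  []byte // introducer's signature over Name and Key
}

func certBody(name string, key ed25519.PublicKey) []byte {
	return append([]byte(name+"\x00"), key...)
}

// Certify is run by the introducer (A) with A's private key.
func Certify(priv ed25519.PrivateKey, name string, key ed25519.PublicKey) Cert {
	return Cert{Name: name, Key: key, Sig: ed25519.Sign(priv, certBody(name, key))}
}

// VerifyVia is what C can do while holding only A's public key: check A's
// certification of the signer's key, then check the message with that key.
func VerifyVia(aPub ed25519.PublicKey, c Cert, signer string, msg, sig []byte) bool {
	if c.Name != signer || len(c.Key) != ed25519.PublicKeySize ||
		!ed25519.Verify(aPub, certBody(c.Name, c.Key), c.Sig) {
		return false
	}
	return ed25519.Verify(c.Key, msg, sig)
}

func main() {
	aPub, aPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	bPub, bPriv, _ := ed25519.GenerateKey(nil)
	msg := []byte("constructed sample message from B")
	sig := ed25519.Sign(bPriv, msg)

	fmt.Println("B's signature checked with A's key:", ed25519.Verify(aPub, msg, sig))
	fmt.Println("checked via A's certification:", VerifyVia(aPub, Certify(aPriv, "B", bPub), "B", msg, sig))

	// The trust caveat: a key that is not B's, once A certifies it as "B", also passes.
	fPub, fPriv, _ := ed25519.GenerateKey(nil)
	forged := []byte("constructed message B never wrote")
	fmt.Println("wrong key certified as B:", VerifyVia(aPub, Certify(aPriv, "B", fPub), "B", forged, ed25519.Sign(fPriv, forged)))
}
```

The last line prints true: C's check is only as good as A's care and honesty in binding the key to B's name.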