Signing And Encryption; Generating A New Key Pair - Novell LINUX ENTERPRISE DESKTOP 11 - APPLICATION GUIDE 17-03-2009 Application Manual

11.1 Signing and Encryption

Signing means attaching electronic signatures to e-mail messages or even software to
prove its correct derivation. To keep someone else from writing messages using your
name, and to protect both you and the people you send them to, you should sign your
mails. Signatures help you easily check the sender of the messages you receive and
distinguish good-natured messages from malicious messages.
Software developers sign their software so that you can check the integrity. Even if you
get the software from an unofficial server, you can verify the package with the signature.
You might also have sensitive information you want to protect from other parties. En-
cryption helps you transform data and make it unreadable for others. This is important
for companies so they can protect internal information as well as their employees' pri-
vacy.

11.2 Generating a New Key Pair

To exchange encrypted messages with other users, you must first generate your own
key pair. One part of it—the public key—is distributed to your communication partners,
who can than use it to encrypt the files or e-mail messages they send. The other part of
the key pair—the private key—is used to decrypt the encrypted contents.
IMPORTANT
The public key is intended for the public and should be distributed to all your
communication partners. However, only you should have access to the private
key. Do not grant other users access to this data.
11.2.1 Creating OpenPGP Keys
OpenPGP is a non proprietary protocol for encrypting e-mail with the use of public key
cryptography based on PGP. It defines standard formats for encrypted messages, signa-
tures, private keys and certificates for exchanging public keys.
1 Click Computer > More Applications > Tools > Passwords and Encryption Keys.
112 Application Guide