PGP driving me mad

daztrouk · 26 Mar 2009 at 15:49

Can anyone help?

I'm trying to get PGP working between 2 users. I'm dealing with one of the users, while the other works for another company.

As it stands, we need to decrypt an email which has been sent to us by the other company. They've provided us with a public key, which has been imported into our PGP software. We've provided them with nothing other than our email address. There sending encrypted emails to this address, and these emails are then being forwarded onto another user who actually has the PGP software installed.

I try to decrypt the file on this system using PGP Desktop but am unable to do so. From the above, is there any reason for this? I'm obviously missing something.

IAmATeaf · 26 Mar 2009 at 16:35

Are you sure the emails are being encrypted with the public key? Sounds like they could be using their private key, maybe?

Tom84 · 26 Mar 2009 at 16:57

I'd bet money on the problem being that they're being forwarded to the address with the PGP software rather than them going directly

yashiro · 27 Mar 2009 at 01:18

To decrypt a mail that's been encrypted you need BOTH halves of the key.
The private and public halves.

So, to receive an encrypted mail from THEM they need to encrypt using YOUR (the recipients) public key.
(G)PGP programs always have an option to encrypt to self too. This lets you read encrypted mails you send.

Basically. Send each other your public keys. Both parties add them to their keyrings and set them as trusted/sign them with your private key. Then you wont have to educate people on how it all works.

Additionally, if you're going to do this forwarding lark then it's possible that you won't be able to simply pass this mail on to read.
Encryption is designed to block man in the middle access. You would have to get them to encrypt a plain text attachment using the final recipients pubkey instead.

A public key is for others to use when encrypting messages to you and when verifying signatures from you,
and a private key is used for creating signatures and for decrypting messages to you.

When I was in my teens using Windows this was all quite confusing too. Under Linux/Unix, especially Gnome desktops, it's been somewhat integrated for a long time so it becomes second nature under this environment.
If this whole thing is a bit over your users heads. Try www.hushmail.com