Comments on: Digital Signature & Encryption

By: Crypto425

Crypto425 — Thu, 08 Dec 2011 16:10:29 +0000

Would you trust PKI and CAs given the rate at which they get hacked (comodo, diginotar, etc) or exposed to be dishonest (etisalat). Furthermore, given that these CAs legally limit their liability in these cases, would you trust them with anything that could potentially result in loss to you that exceeds their liability (which is just a few thousand $)

By: Thomas Jude

Thomas Jude — Tue, 20 Sep 2011 09:41:38 +0000

Helo Mark,

This is a great article about encryption, digital certificate etc. Well explained and extremely simple language. Thank you.

By: Chanan Oren

Chanan Oren — Wed, 03 Aug 2011 07:16:02 +0000

StartSSL (startssl.com) also offers free email certificates, though should you need to revoke it there is a handling fee (currently US $24.90 according to their FAQ, except for EV certificates which are exempt from that fee).

By: Bob Hessler

Bob Hessler — Mon, 18 Jul 2011 21:19:01 +0000

Just called Comodo – only free for 90 days, then you have to pay.

By: Mark Shead

Mark Shead — Sat, 09 Jul 2011 03:47:48 +0000

If something is digitally signed, then you will be able to tell if the message was modified since it was signed.

By: Questions

Questions — Thu, 07 Jul 2011 08:26:08 +0000

Hi, I have a question about “edit message” function in outlook. I wonder whether to digitally sign and encrypt email are able to prevent using “edit message” in outlook?

By: Mark Shead

Mark Shead — Wed, 16 Feb 2011 13:56:18 +0000

Well I would agree that the way most people use email is not secure.

By: Scott L DuBois

Scott L DuBois — Wed, 16 Feb 2011 05:04:54 +0000

Love this article. I use it to explain to customers how email encryption works better than I could explain myself. I personally use Thunderbird Mail with Enigmail plugin that utilizes GnuPG the free encryption algorithm. Whichever way a person chooses to go the concept is the same and solid. It’s a good habit to get into after researching the various ways a person can not only intercept but impostor as someone else based on the “man in the middle” attack. Simple to use and sound advice. I once read an article from a major corporate attorney that email was not a secure means for communication, After extensive research into this concept, that guy may want to retract his comment.

By: Mark Shead

Mark Shead — Thu, 19 Aug 2010 03:09:51 +0000

Thanks for catching that. It looks like said it backwards. I’ve updated the post to correct it.

By: Luis Moraes

Luis Moraes — Thu, 19 Aug 2010 02:08:04 +0000

Here from Brazil, as a non native English speaking one I’m a bit hesitant to post this question. But let’s “the mind speak”: In the last paragraph before the CONCLUSION you say “Encrypting the hash value with your public key guarantees that the hash value, itself, hasn’t been changed.” Wouldn’t it be “Encrypting the hash value with your PRIVATE key guarantees that the hash value, itself, hasn’t been changed.” Maybe I’m not grasping the meaning. Your answer will drive me ahead in the article or in the language. Or both! Thanks.

By: Mark Shead

Mark Shead — Mon, 10 May 2010 15:32:42 +0000

This is a good way of explaining PKI. Thanks for sharing it.

By: Paul Sharkey

Paul Sharkey — Mon, 10 May 2010 04:18:15 +0000

I like to refer to the public key as an open padlock. I can send you an open padlock by courier, you could then lock a box with it and send it all back. Only I have the key to open the padlock (my private key). Anyone else handling the parcel along the way wouldn’t be able to open it.

With all this occurring on the Internet, the padlocks can be limitlessly duplicated and each locked box would actually have a million differrent padlocks to stop anyone trying to pick the locks.

By: Ilya Kralinsky

Ilya Kralinsky — Thu, 08 Apr 2010 20:36:39 +0000

I just want to let you know, as a Fascist, I feel we are under-represented in the faceless Fisher-Price people avatar world, and so I thank you for that — awesome job. Moreover, I want to say I was so impressed with this article and it’s eco-friendly beginning that I printed eighty copies of it for my friends on 200# stock glossy photo paper made glossy with baby seal fat rubbed on the paper with bald eagle feathers (come on, I said I was a Fascist!). Wonderful explanation, well-written article.

By: EchoSign Review : Productivity501

EchoSign Review : Productivity501 — Tue, 09 Feb 2010 18:02:00 +0000

[...] of what EchoSign offers can be accomplished with digital signatures. However, the barrier to entry is much lower with EchoSign and it is easier to get other people [...]

By: Digital Signatures : Productivity501

Digital Signatures : Productivity501 — Mon, 18 Jan 2010 04:51:50 +0000

[...] the past few days, the most popular post on this site has been our explanation of how Digital Signatures & Encryption works. Understanding this is key for our society to get past the point of using dead dinosaurs [...]