On 02/24/16, mark lewis pondered and said...
 
 ml> have at it :)

Cheers ears.

 ml>  PH> So I have installed a gpg4win bundle on my pc and have created a
 ml>  PH> public key which I can post here and you (or others) can then use to
 ml>  PH> encrypt a message to send to me - right?
 ml> 
 ml> yes... your signature should also end up on one of the public keyring
 ml> servers so that anyone can retrieve it... the trick is interfacing with
 ml> FTN software if you want to use it in this environment... the body of
 ml> the message, without control lines, has to be saved to a temp file, pgp
 ml> or gpg run on it to wrap and sign it and then the temp file gets
 ml> imported to replace the original... on my TimED/2 system, i have the
 ml> following options and commands...

[snip - examples]

Thanks :) Very detailed and looks good for those tools. I'm trying to figure
out a way to do something similar with Mystic but at this stage I am unsure
how I could write something on the fly and have it posted encoded or read
something encoded as decoded on the fly. It seems I could use the mutil tool
to post a manually created encoded text file with ease to a jam base and I
guess I can manually export a message from a jam base to a text file then
manually decode it.. it's just all rather labour intensive. :(

 ml>  PH> But if I were to post and encrypted message here it would be of no us
 ml>  PH> to anyone unless I had encrypted it using someone elses public key (s
 ml>  PH> they could unlock it) - right?
 ml> 
 ml> it works two ways...
 ml> 
 ml> 1. if you post a message encrypted with your PRIVATE key, anyone with
 ml> your PUBLIC key can decrypt it... that proves it was you that encrypted
 ml> it... 2. if you post a message encrypted with my PUBLIC key, only i will
 ml> be able to decrypt it...

Gotcha..

 ml> then there's signing a message instead of encrypting it... signing wraps
 ml> the message and places a digital signature at the bottom... others use
 ml> your public key to verify that you really did sign the message *and*
 ml> that it hasn't been altered in transit... signing is very common and
 ml> generally seen in message posting areas... encrypted stuff may be used
 ml> more in private transactions, though... i'm not sure there is a metric
 ml> for counting those...

OK, I will need to look at the tool I have downloaded to see how I could do
that, although I am more interested in doing encrypted stuff using an
othernet to test things out as I realise Fidonet policy is not really an
enabler of wholesale encrypted traffic :)

 ml> we have to make sure that in FTNs, and other places like news groups and
 ml> mailing lists, that we are having the tool to emit ascii and not
 ml> binary... it is possible to encrypt a message and the result is binary
 ml> which is sent but trying to get binary into a message and get it back
 ml> out without altering it is tricky at best... much easier to use ascii
 ml> which is already formatted and wrapped to 70 characters and ready to
 ml> post anywhere...

Yep that's fine the tool I have been playing with does this with ease. I also
came to the same conclusions quite quickly as well.

 ml> PGP Fingerprint 0xB60C20C5

When I get something sorted over the weekend I will post the same here.

Did you get the netmail I sent you?

Best,Paul

--- Mystic BBS v1.12 A5 (Windows)
 * Origin: Agency BBS | telnet://agency.bbs.geek.nz (3:770/100)