I saw that people on the dark web would sign their posts with a PGP key to prove that their account has not been compromised. I think I understand the concept of how private and public keys work but I must be missing something because I don’t see how it proves anything.

I created a key and ran gpg --export --armor fizz@… and I ran that twice and both blocks were identical. If I posted my public key block couldn’t someone copy and paste that under their message and claim to be me?

  • Crul@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Sorry, I’m very confused. Both of us seem very confident in our positions, so clearly one of use is c/confidentlyincorrect…

    I will wait until a third party helps us identify who is wrong and I will be very happy to correct any mistake if that’s the case.