a newbie question on passphrase to decrypt an encrypted file

[Dongping Deng]

Thanks! You are right. I was confused.

dp

-----Original Message-----
From: Frank Tobin [mailto:ftobin@neverending.org]
Sent: Wednesday, August 22, 2001 5:45 PM
To: Dongping Deng
Cc: 'gnupg-users@gnupg.org'
Subject: Re: a newbie question on passphrase to decrypt an encrypted
file


Dongping Deng, at 17:06 -0700 on Wed, 22 Aug 2001, wrote:

   I installed gpg (win32) on my machine running NT. I generated my key
   with my passphrase. When I encrypted a file, it asked me for the
   passphrase. But when I decrypted it, it didn't ask me for the
   passphrase at all. This sounds scary to me. I can't seem to find the
   answer from various documents. Don't you have to type in your
   passphrase to decrypt a file?

Since when one encrypts files, one doesn't need to to access the secret
key (and hence, enter a passphrase), I think what you did in the first
step was sign your message, not encrypt it.  Signing a message requires
access to your secret key.

Also, since verifying signed documents does not require access to your
secret key, I think that this is what you did in your second step.  That
is, you didn't decrypt, but rather verify a signature.

-- 
Frank Tobin		http://www.neverending.org/~ftobin/