Where is FAQ?

[MFPA]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Friday 23 July 2010 at 10:15:05 PM, in
<mid:4C4A0659.6060002 at verizon.net>, Jean-David Beyer wrote:

> I have what I am sure is a frequently asked question,
> but I cannot find a FAQ. I can find the archives, but I
> know no good way to search them.

Did you try http://marc.info/?l=gnupg-users ?



> It is the question about the order of signing and
> encrypting a message. I am pretty sure that is the
> correct order,


The usual way is to issue the --sign and the --encrypt options on the
same command line. It makes no difference which order they appear,
GnuPG will (in effect) combine encryption and signing into a single
step.

Some people (clear)sign a message and then encrypt the signed message.
There may be groups or organisations that require this. I'm not aware
of any advantages of doing it this way. A disadvantage is doubling of
effort: the sender performs two gpg commands instead of one and so
does the recipient.

If you are communicating with a Hushmail address, your signature will
only be detected if you first encrypt the message and then sign the
encrypted message. Hushmail's webmail system is the only application I
have encountered that requires it this way around.


- --
Best regards

MFPA                    mailto:expires2010 at ymail.com

War is a matter of vital importance to the State.
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTEwlO6ipC46tDG5pAQp/WgP/RRH6G39t1MMKXzPOZqgo59LrCNKlWx7g
cBcp/GCOO2l4BuvR5hcHWonmPcgSsIJ5Zdz/IbllQSiPAfCZI4DlYUka7sYn9gqd
a8xKfOm/gpTRCtpReBdRuj08/QkmjvKtRue6fMOBkADQn6RBy0dZrmu55dlsYo2R
gyR2FoEWefE=
=WF3G
-----END PGP SIGNATURE-----