Hey yall,
I've been using DNMs on and off since SR1, so I've been around the block a few times. I feel like I'm living through the Wild West in the movies: a free but dangerous lawless place slowly being chipped away by the law! But I've already digressed: I have an embarrassingly newbie-type question that I need answered, and maybe my Google-fu is weak, but I can't find an explanation that I understand elsewhere.
I use plenty of computer opsec. Y'all know what that entails so I won't list off my shit. What I've never understood or really trusted is: how does PGP signing work? I get how the encryption works, public key can only be decrypted by private blah blah, but I'm not a real programming/encryption guy so I don't understand how a vendor ending a message with their PGP key is validating their identity. Couldn't anyone just copy that string of characters and sign with it?
I know it must be more involved than that, but for the life of me I can't figure out how.
I thought about posting in /r/DarkNetMarketsNoobs, but I like this community more. I also couldn't find an answer with the search function, but then again my searching might just suck today. Thank you in advance!
[deleted]