Silk Road forums
Discussion => Security => Topic started by: Michael25 on June 15, 2012, 11:38 pm
-
Ok, I understand the vendors/sellers need to display their public key so people can order and communicate with them, but where does a buyer display or put their key? Do I just send my public key to the user I want to communicate with?
For example, if I placed an order with a vendor and they had a question for me and ONLY use PGP, how would they let me know they need my public key?
-
Your public key doesnt need to remain secret at all, you can post that to your profile, leave it on the forums or write it on a wall. The only thing it does is allow people to send you messages that you can read using your private key.
Your private key is something you should never share. Most implementations offer to store it locally only to be accessed with a password. You should store the local key files on your computer, and back them up as you see fit. Just make sure you commit the password to memory, it is not possible to recover your private key from a backup if you do not recall the password.
-
Ok, I understand the vendors/sellers need to display their public key so people can order and communicate with them, but where does a buyer display or put their key? Do I just send my public key to the user I want to communicate with?
For example, if I placed an order with a vendor and they had a question for me and ONLY use PGP, how would they let me know they need my public key?
Just get the vendor's key, write whatever you need to say to him, and include your key in the message. Encrypt and send.
-
Thanks for the info. It has helped and understand more.