Reitwiessner.de
GnuPG / PGP


GNU Privacy Guard

The GNU Privacy Guard (GnuPG) is the free variant of Pretty Good Privacy (PGP). Both tools can be used to securely encrypt and reliably sign files such as e-mails. The advantage of such tools is, that you do not have to send a secret passphrase to the recipient so that he can decrypt the message. This is because these programs use an asymmetric encryption algorithm. That means, you encrypt the file with the recipient's public key (available via a keyserver), and the recipient can decrypt it with his private key. There are even e-mail programs, for example mutt, that automatically retrieve the recipient's public key from a keyserver if it is not available and encrypt the message.

In my opinion, it is very important, that such tools are used even in daily private emails. The Internet is being spied, that is a matter of fact. But if we only encrypt emails with confidential information, the spies will be able to distinguish between confidential and non-confidential e-mails. And then they know that you have got something to hide.

How to get my PGP Key

The recommended method is to retrieve the key via a keyserver using my user-id, which should be a function of your PGP client, so that the key is automatically put into the key database. You can then verify that nobody modified the key on its way through the internet by comparing the fingerprint of the key with the fingerprint displayed here:

User-ID: Christian Reitwiessner <christian@reitwiessner.de>
Key ID = 1024D/2A2E84E4
Key fingerprint = 3C33 B5D4 6AF5 137A 0FFF E726 D805 CCFB 2A2E 84E4

The other method is to download the key from here. But this is much more insecure, because then it is easier to modify both the key and the fingerprint displayed here, because they come from the same server.

christian_reitwiessner.key.asc (2.4 KB)