In Enigmail, you can search for keys using the menu items Enigmail Key Management Keyserver Search for Keys, and then searching for my name or my e-mail address eliasen mindspring. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all information encrypted or authenticated with that key. A revoked signature should carry nearly as much weight as a revoked certificate. So how do you find this for the key you want to upload? I've downloaded a public key with his name from a keyserver, but I can't be sure that key belongs to him. Again, if someone signed your key without validating the fingerprint with you, they are actively damaging the web of trust. Point them to this section of the documentation and help them fix it.
While the public and private keys are mathematically related, it's very difficult to derive the private key given only the public key; however, deriving the private key is always possible given enough time and computing power. You'll need to save your message to a file. Note that this may not work just fine if you're using gpg2, which may require the use of gpg-agent, so you may have to work harder to set that agent up correctly. A dollar bill, with distinctive tearing pattern and matching serial numbers, is hard to forge. The problems of key distribution are solved by public key cryptography, the concept of which was introduced by Whitfield Diffie and Martin Hellman in 1975. You'll get the option to sign the key.
In your e-mail client, always choose to sign and encrypt a message. From the command-line, I use version 1. This is a mathematically super-strong version of the old trick of ripping a dollar bill in half, and sending half of it to someone. Corollary: Inform the weakest links in your group that they could be using stronger ciphers. You can be detained and couldn't ever be compelled to give up the password, as you never had it! They appear on a line beginning with sec. If they are in different physical locations, they must trust a courier, the Bat Phone, or some other secure communication medium to prevent the disclosure of the secret key during transmission.
The simplest way to import my key from an e-mail client like Enigmail is to import it from a keyserver. Some people may only publish their public keys using elliptical curve algorithms which are only usable with new versions of gpg2. You may not want others to know who you communicate with. They could just as easily be assigned in reverse. But you must verify keys with the other person to be truly secure.
Or, if you must send it again, alter it as much as possible before encrypting and sending it again. Cryptographic strength is measured in the time and resources it would require to recover the plaintext. This is actually the last digits of your 40-digit fingerprint. See the section to see where your gpg. Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also verify that the information is intact. A fingerprint is a shorter number usually expressed as a 40-hexadecimal-digit number that contains a cryptographically strong hash of my public key.
The public key allows everyone to encrypt files, that only you and your secret key can decrypt. A substitution cipher substitutes one piece of information for another. Otherwise, if you lose your secret key, or it becomes compromised, the corresponding public key will sit forever on public keyservers, mocking you and demonstrating that you don't know how to protect your secrets properly. If people have your old key, this helps them trust that the new key was generated by you. When it all comes out as mostly alphanumeric characters? First, read the section above to see how to configure gpg to prefer that people use certain algorithms when sending to you. Note that this will increase the size of your message on disk.
You can also upload that signature to a keyserver, which makes that signature available to the world. This is Ctrl-D in most Unixlike systems and Ctrl-Z in Windows-like systems. The public key will be placed on the server by your system administrator, giving you access. If you do not explicitly add your own address to the list of recipients, you will not be able to decrypt the message! Corollary: often, so if someone on your keyring chooses to use stronger algorithms, you respect their preferences. If you want to be more secure, of course, you'll run the steganography tools on your own machine. LastPass not only does that, but does it across multiple devices and very securely. Then just paste the results into the body of your e-mail.
Smart e-mail add-ons like Thunderbird with Enigmail can suppress your signature when using encryption. Theoretically, this will prevent users from unwittingly using a compromised certificate. A signed message gives a mathematically very strong certainty that the message was signed by you. A more complete command-line might look like: gpg --encrypt --sign -r your email. Keep your private key in a safe place. It must begin with 'ssh-rsa' or 'ssh-dss'. This is exactly the model of a product I wouldn't trust.
They appear on a line beginning with pub. Read the technical note on below for interesting attack ideas using short keys. It's easy to create a message that you can never possibly decrypt yourself, and cannot possibly be compelled to do so! Larger keys will be cryptographically secure for a longer period of time. They say that a secret is not a secret if it is known to more than one person. A command like tar will help preserve correct permissions.