The problems always start with the words "public key"... On 30/09/16 15:22, Werner Koch wrote: > > So for example "lock" and "private key" may be better.
"Lock and key" works for symmetric crypto, because you lock and unlock with the same key. "Latch and key" is the best analogy I know of to public key crypto, because anyone can pull a latch closed, but you need the key to open it again. It's true that the term "certificate" can imply an unwarranted level of authority - but that's also true of most things in the real world that we call "certificates", so I don't think the problem is entirely in the terminology...! ;-) Another problem with the signature analogy is that you don't sign with a "key" in the real world -- but there are other physical objects that you can "sign" with, such as a signet ring, which is a more intuitive analogy than "private key". But then what is the "public key" in this analogy? There just isn't anything in the physical world that works as a watertight analogy for the underlying mathematics. The fact that the same process can be used (with subtle differences) in *both directions* is where all known analogies come completely unglued... A
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
