I want to know a bit, on how authentication and authorization works in GnuPG.
I know that for encryption, GnuPG creates a session key with the public key, that is then used with symmetric encryption. For decryption, the private key is used to recover that session key, in which then, the ciphertext get's symmetrically decrypted, using that session key. I know that for signing, a hash of the content is produced, that, afterwards, gets encrypted with the private key. For verification, the public key is used to recover the original hash, and then that gets compared with the content hashing. I don't understand how authentication and authorization works. Can someone clarify this for me? Thanks. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
