Keybase - Crypto for everyone

Elec signature vs digital signaure

• https://www.signix.com/blog/difference-between-electronic-and-digital-signature

https://www.ontask.io/resources/blog/electronic-signature-vs-digital-signature-know/

Digital signatures have three components: authentication, non-repudiation, and integrity. This ultimately means it’s possible to track whether a document with a digital signature has been tampered with. They are also unique to each signer.

https://blog.ligos.net/2018-04-28/Getting-Started-With-KeyBase.html

With regular (un-encrypted or unsigned) digital communication such as Emails it is possible for a sender to refuse authorship or there is no certain way for the receiver to

For example, if Bob sends a message to Diana then Diana shall be able to verify that the message indeed was sent by Bob and no one else tried to spoof Bob’s identity. With PDF documents and some online transactions

Definition of non-repudiation from NIST CSRC:

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information.

Very informative slide deck from Gemini Security Solutions about PKI and PGP.

Use GPG on the command line

• https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line/

Search for Public Keys

• by email address or Key ID

Upload or manage your key at https://keys.openpgp.org/

Check a key by id or email and get results as follows:

https://keys.openpgp.org/vks/v1/by-fingerprint/D0D4EC96B8230B4EBFD7971FC4121392067D557C - for akadapa@protonmail.com

How to Export Your Keys

• https://www.techrepublic.com/article/how-to-create-and-export-a-gpg-keypair-on-macos/