Sorry, I'm very confused. Both of us seem very confident in our positions, so clearly one of use is c/confidentlyincorrect...
I will wait until a third party helps us identify who is wrong and I will be very happy to correct any mistake if that's the case.
You said encryption occurs with the public key and decryption occurs with the private
I'm sad that I edited some typos on my original message because now you will probably think I changed it. But I said the opposite.
Anyway, there is probably some missunderstanding here and I don't think this conversation is useful.
Thanks for the feedback.
Sorry, but I still think I'm saying the same thing as in that paragraph:
[from your link] a sender can use a private key together with a message to create a signature
[from your link] Anyone with the corresponding public key can verify
Isn't that for when you want to send a message to someone so only the recipient can read it?
If I understand correctly, OP is asking about signatures to prove the posted content comes from a specific source.
Anyway, thanks for the review!
EDIT: changed encryption / decryption to signing / veryfing. Thanks for the corrections
Not an expert, those who know more please correct me.
From what I understand, what they post is not a PGP key, but the same content published in clear text signed with their private key. That way anyone can verify it with the author's public key to check it has been generated with the private one (that only one person should have).
I just use this usercript to block the whole instance: https://greasyfork.org/en/scripts/469297-block-lemmy-instances
You need to edit line 17
Here adapted to work also with MLMYM (https://old.lemmy.world): https://pastebin.com/z0mShfDP
Source with some Q&A: immiketoo: Linothorax Ancient Greek Armor - Historical Reenactment - Leatherworker.net
I use jscher2000/Save-webP-as-extension to make it bearable:
Firefox extension to overlay format and JPEG quality buttons on inline or stand-alone images for quickly saving a converted version of the image.
Maybe I'm whoosh-ing your comment, but the link I provided is not the reddit's place, but a non-reddit alternative
We may be getting somewhere...
So they are not excrypting it, but do we agree that with signatures the author uses their private key + the clear message to generate "something"?
... so then anyone can use the author's public key to check that "something" against the clear mesage to confirm the author's identity?
If that's the case, then my error is that the operation to generate the signature is not an encryption. So, may I ask... what is it? A special type of hash?
Thanks again. I will edit my original comment with the corrections once I understand it correctly.