My PGP certificates are installed for my email accounts.
Under Menus–> Tools —> Settings —> Signing and Encryption —> Account Policies, there is a checkbox that says “Digitally Sign Messages By Default”.
I have that box checked. Similarly, there is also a checkbox that says “Include certificates/keys in outgoing messages”. I do not have that box checked.
I did a test and I noticed that when the “Include certificates/keys in outgoing messages” box is checked, a file with the extension “.asc” gets attached to each email I send out. What is the purpose of this file? When would I need to use it? That is, when do certificates/keys need to be attached in outgoing messages?
Sorry if this seems obvious to you. I am new to all of this. Any information is appreciated.
eM Client does not publish your public key to a key server, so if you create a key in eM Client and use that to send a digitally signed message without attaching the key (that is the asc file attached), the recipient will not be able to verify the signature. If your public key is already uploaded to a public key server, then the recipient would download it from the server and the message will be confirmed as signed by you.
Take this example of the same message received without a key (top message) and when the key has already been imported on the recipient’s computer (bottom message).
In the top example, there is no way to know who’s signature it is, so eM Client reports that there is a problem. In the bottom example, the public key is already imported into eM Client and so the application reports that the message is signed by the sender.
So unless you have uploaded your public key to a key server, you will need to ensure that you have selected to have it attached when sending.