Should I Be Worried?

I made a large order with a vendor that had a decent amount of transactions all with good reviews, now he is asking for my private key and is claiming pgp cant be decrypted with just a public key.

should I worried about this? please help.


Comments


[11 Points] Tussthethief:

Never give your private pgp key to anyone.


[6 Points] Username4WhenStoned:

possibility one - Scammer

possibility two - He has no idea what he is doing

cut of all communication with this vendor and never deal with him again


[6 Points] StuffyKnows2Much:

Eminem once said "Be smart, don't be a retard."

With that in mind, I would encourage you to never give out your private key.


[2 Points] SmallProfessor:

Be worried that you are asking whether or not you should be worried. You should know these things.

Understand why PGP is important and how it works. If you sent him a message encrypted with your PGP key, then yes, he will need your private key to read the message. You should never do this, because the entire purpose of a public key is to share it and have the information readable by true owner of the receivers keys. Private keys should never be shared.

A vendor shares his/her public key block and you encrypt your sensitive information using that public key.

Cancel the order, delete your account, and lurk more before putting yourself at any further risk.


[3 Points] None:

DO NOT GIVE IT TO HIM!

Who is it? Give us a description of your prior contact with him leading up to this. This is very suspect.

Did you send him a message encrypted with your own public key? If so you fucked up. That's the only circumstance he would "need" your key to read the message.

Send him a message encrypted with HIS public key.


[2 Points] Trappy_Pandora:

Whatever you do, don't give him your private key!


[1 Points] 2hot4shit:

do your research man


[1 Points] None:

No good vendor would ask for your private key, even if you sent him a message the couldn't decrypt.


[1 Points] None:

YOU ARE GOING TO DIE


[1 Points] throwa90210:

maybe you encrypted message to him with your public key, not his? and he got tired explaining to you how to encrypt with his key not yours. so he said fuck it gimme your private key and i'll decrypt it that way