Public-private keys, encryption (confidentiality) and digital signatures

Been doing a bit of studying – encryption (confidentiality) and digital signatures and the use of public-private keys for these things. And, because this had me scratching my head for a bit (and maybe I’m just slow today), let me express things a little differently than I have seen in most write-ups.

Wikipedia has a nice entry on public-key cryptography (that honestly if I had read earlier would have lessened the head-scratching to a great degree – but hey, I was on an airplane and couldn’t get to it) that talks about asymmetric key algorithms. The whole point is that one key is used to encrypt, another to decrypt. The trick in understanding how these apply to confidentiality and digital signatures is then the following:

For confidentiality the encryption key is distributed (public) and the decryption key is kept secret (private) so that only those that have the private key can decrypt.

For digital signatures the encryption key is kept secret (private) and the decryption key is distributed (public) so that everyone can verify that only the holder of the private key could have encrypted the message.

See the point? Sometimes the encryption key is public, sometimes it’s the decryption key that’s public – depending on what you are using it for.
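The two roles of one key pair, shown with textbook RSA as an added example that is not part of the original post. The primes, the exponent and every function name are constructed for illustration, and the scheme omits the padding that real RSA requires.

```python
import hashlib

# Constructed toy key pair (textbook RSA, no padding): far too small and
# too simple for real use, chosen only so the arithmetic is visible.
P = 2**61 - 1                        # Mersenne prime
Q = 2**89 - 1                        # Mersenne prime
N = P * Q                            # modulus, shared by both keys
E = 65537                            # public exponent  -> public key is (E, N)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent -> private key is (D, N)

def to_int(data: bytes) -> int:
    m = int.from_bytes(data, "big")
    if m >= N:
        raise ValueError("message too long for this toy modulus")
    return m

def to_bytes(m: int) -> bytes:
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Confidentiality: anyone applies the PUBLIC key, only the PRIVATE key reverses it.
def encrypt(plaintext: bytes) -> int:
    return pow(to_int(plaintext), E, N)

def decrypt(ciphertext: int) -> bytes:
    return to_bytes(pow(ciphertext, D, N))

# Signature: only the PRIVATE key transforms the digest, anyone reverses it
# with the PUBLIC key and compares against a digest they compute themselves.
def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    return pow(signature, E, N) == digest(message)

if __name__ == "__main__":
    print("decrypted:", decrypt(encrypt(b"meet at noon")))
    sig = sign(b"pay Bob 10")
    print("valid signature:", verify(b"pay Bob 10", sig))
    print("tampered message:", verify(b"pay Bob 1000", sig))
```

This "same operation, keys swapped" picture is specific to RSA; signature schemes such as DSA and ECDSA sign and verify without any encryption step.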

April 10, 2006 Administrator Security