I think you miss the point of Public Key Crypto. The idea is that you CAN publish your public key, to one and all. Then when you sign a post with your private key (and do work hard to keep that key private!), then anyone can verify that _you_ (in the guies of your public/private key pair) wrote the message. No one else can sign a message such that _your_ public key will decrypt the sig in a valid way, unless you have let your private key leek out. This is the whole wonderful idea that make Public Key crypto so wonderful. You are createing a strong and valued Psudonym, and signing your messages will only make it stronger! Then there is no way to really spoof a message from 'Wonderer', as you will be ('Wonderer'*KEY) and a solid nym-citizen. Make sence? ||ugh Daniel hugh@toad.com