I’m pretty sure that’s a key for encrypting a message to the publisher, not decrypting a message from the publisher, so you can’t verify via decryption. However, you can verify the key via the physical print, which is the point of it.
Both keys can be used to encrypt files that only the other key can read. When sending encrypted messages you generally encrypt with both the sender’s private key, and the recipients public key, so that the recipient can decrypt the document, but they can also know it was sent from who they expect.
You verify the public key by decrypting something encrypted by the private key.
So the government MitMing you can know it’s from you? I don’t think that changes anything. There’s still nothing stopping a MitM from just changing the key shown at the bottom of the page and then reading whatever you send.
I’m pretty sure that’s a key for encrypting a message to the publisher, not decrypting a message from the publisher, so you can’t verify via decryption. However, you can verify the key via the physical print, which is the point of it.
Both keys can be used to encrypt files that only the other key can read. When sending encrypted messages you generally encrypt with both the sender’s private key, and the recipients public key, so that the recipient can decrypt the document, but they can also know it was sent from who they expect.
You verify the public key by decrypting something encrypted by the private key.
So the government MitMing you can know it’s from you? I don’t think that changes anything. There’s still nothing stopping a MitM from just changing the key shown at the bottom of the page and then reading whatever you send.