where to start?
faramir.cl at gmail.com
Thu Feb 12 00:55:01 CET 2009
-----BEGIN PGP SIGNED MESSAGE-----
Dr. Scott S. Jones escribió:
> I run both Win xp and ubuntu 8.10. My wife runs win xp on her laptop. We are
> at the point now where we both want to enable encrypted emailing AND we want
> to find a nice way of educating those we email to often, or with whom we
> exchange sensitive information, in how to use gnupg to encrypt email back
> and forth. Where should I start?
Well, as Robert J. Hansen already said, you must chose between 2
different standards: S/Mime and OpenPGP. Personally, I would rather use
OpenPGP, since I think it is more flexible, I can encrypt/decrypt text
in the clipboard, encrypt files before uploading them to an ftp... But
not every email client supports OpenPGP. Most people I know (including
me), use Mozilla Thunderbird with Enigmail addon to provide support of
GnuPG. Other people is using FireGPG, an addon that allows them to
compose encrypted messages using webmail interfaces (like Gmail). But if
you use FireGPG, beware of auto saving of draft messages, there is no
warranty they will really be deleted after sending the message.
On windows, I would install GnuPG 1.4.9 for windows (available at
GnuPG website), or GPG4Win, which is GPG2 compiled for Windows (includes
GnuPG 1.4.x as its core files, plus GPG2.exe which is the one capable of
using S/Mime, _if I am not wrong_ about GPG2). Recently,
gpg4win-1.1.4rc1.exe was released, and if everything goes right, in less
than a week we should have the updated version, which includes gpg 1.4.9
as the core files, the most recent version of GPG2, and some useful
tools. The advantage gpg4win has, is it include a lot more things than
gpgp 1.4.9, but doesn't force you to install these things. Also, it will
include gpg in the windows path global environment variable, something
the user has to do manually with gpg 1.4.9.
I would also install GPGShell GUI tool for gpg, it is awesome, and
let you to perform easily a lot of task, as encrypting/decrypting the
content of the clipboard, etc.
About a good way to learn about OpenPGP (in special, GnuPG) is the
GnuPG Privacy Handbook, it is not hard to understand, and if somebody
has any question, they can ask here about it.
By the way, do you have the chance to do face to face or telephonic
meetings with the people with whom you exchange sensitive information?
If you do, you can easily exchange OpenPGP keys fingerprints. If not,
maybe you would be interested in getting a digital certificate signed by
a trusted CA, and use it with S/MIME standard (it's a centralized
system, so you won't need to arrange face to face meetings). Or you can
do as I did, first I got a certificate from CAcert.org, and then used it
to prove my identity and exchange OpenPGP fingerprints (also, CAcert
signed my keys, which made thing easier). Also, that way, you would be
capable of using both standards.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users