A PC user unfamiliar with any free software would like to send me messages that only we can read. Now what do I do?

Kevin Lists.gnupg at mephisto.fastmail.net
Mon Apr 8 17:45:32 CEST 2013


At 1365125582 seconds of The Epoch, Don Saklad wrote:
> A PC user unfamiliar with any free software would like to send
> messages that only the two of us can read. Now what do I do? The numbers
> of steps for it appear to be insurmountable! And I've failed to
> understand GNUPG myself.

There isn't really a one-click solution to secure encryption and
privacy.  This is because, by the very nature of such an endeavor as
protecting your data, email, communications, etc, you take on the
ultimate responsibility to ensure the system works to your requirements.
By over-simplifying the process, we would end up with a result that is
perhaps more convenient, but likely less secure.  There have been, and
continue to be, efforts to simplify the deployment of secure encryption
solutions, but debates continue (sometimes on this list--see the
history) about how to accomplish such a feat while maintaining the
integrity of the system's underlying security (its raison d'etre). 

You therefore owe it to yourself, and to your colleague, to spend a
little time at the outset, climbing the learning curve, to understand at
least the basics of how GnuPG works, and therefore how to employ it at a
level of security which meets your needs.  By "how GnuPG works," I don't
mean you need to be able to debug the code, but at the very least you
should understand the basic principles behind encryption, signing, key
fingerprints, etc.  Once you understand how it works, making it work
will actually seem easier, since you'll know the reason for what you're
doing as you use GnuPG, instead of just rehearsing a bunch of rote actions.

Since you mention that your friend has no experience with "any free
software," I will assume he is not running a free OS like GNU/Linux,
FreeBSD, etc.  It would help if you could provide more information on
your environment, but under the circumstances I am going to take a
statistical leap of faith and assume you are on Windows.  Ergo, the
following site should provide the software and guides you need to get
started:

http://www.gpg4win.org

The downloads available through the gpg4win project include GUI tools,
so you will probably not need to get your hands dirty in the command
line. 

Although the GNU Privacy Handbook is more geared toward *nix
deployments, I would also recommend you read through the sections that
have general applicability, to further your knowledge of encryption:

http://www.gnupg.org/gph/en/manual.html

(These are English language links, but please note other languages are
available).



More information about the Gnupg-users mailing list