Changes between Version 10 and Version 11 of gpg


Ignore:
Timestamp:
Apr 17, 2008, 7:10:40 PM (17 years ago)
Author:
Daniel Kahn Gillmor
Comment:

cleanup, plus added section on GNU/Linux OSes

Legend:

Unmodified
Added
Removed
Modified

  • gpg

    v10 v11  
    11[[PageOutline]]
    2 
    32= How can I use gpg to both encrypt my email and prove my identity? =
    43
     
    2726== Public and private keys ==
    2827
    29 The technology behind encryption relies on keys. A key is nothing more than a small text file with a lot of random-seeming characters in them. [http://current.workingdirectory.net/pages/identity/ My gpg key] can serve as an example for the curious. In order to use OpenPGP you will need to generate a public/private key pair. That means you will need two keys (two small text files with a lot of random-seeming characters): one that is public and one that is private. These two keys are generated together because they have a special relationship:
     28The technology behind encryption relies on keys. A key is nothing more than a small text file with a lot of random-seeming characters in them. [http://current.workingdirectory.net/pages/identity/ Jamie's gpg key] can serve as an example for the curious. In order to use OpenPGP you will need to generate a public/private key pair. That means you will need two keys (two small text files with a lot of random-seeming characters): one that is public and one that is private. These two keys are generated together because they have a special relationship:
    3029
    3130 * A message encrypted with the public key can only be de-crypted with the private key
     
    3635If someone has your public key, then they will be able to send you an encrypted message ''and'' if you send them a signed message, they will be able to verify your signature.
    3736
    38 It's important to note: you cannot send someone an encrypted message unless you ''already'' have their public key. In other words, it is not enough that ''you'' know how to use OpenPGP, your intended recipient must also know how to use it, have it setup on their computer, already have a public key, and already have given you their public key. Similarly, you cannot verify someone's signature unless you already have the sender's public key.
     37It's important to note: you cannot send someone an encrypted message unless you ''already'' have their public key. In other words, it is not enough that ''you'' know how to use OpenPGP, your intended recipient must also know how to use it, have it setup on their computer, already have a key, and already have given you their public key. Similarly, you cannot verify someone's signature unless you already have a copy of the sender's public key.
     38
     39= Using GnuPG on a Macintosh Computer =
    3940
    4041== How do I use GnuPG with a Macintosh and Thunderbird? ==
     
    4950 * Follow the [wiki:HowdoIinstallandconfigureFireGPGwithFirefox directions below to install and configure FireGPG for Firefox].
    5051
     52= Using GnuPG on a Windows Computer =
     53
    5154== How do I use GnuPG with Windows and Thunderbird? ==
    5255
     
    6063 * FIXME: Need directions. Generate a private/public key
    6164 * Follow the [wiki:HowdoIinstallandconfigureFireGPGwithFirefox directions below to install and configure FireGPG for Firefox].
     65
     66= Using GnuPG on a GNU/Linux Computer =
     67
     68Every major GNU/Linux operating system (e.g. [http://ubuntu.com Ubuntu], [http://debian.org Debian], [http://fedoraproject.org/ Fedora], etc) comes by default with GnuPG for their desktop installations.  For debian-based systems (like Ubuntu), you should be able to install enigmail with:
     69{{{
     70sudo aptitude install enigmail
     71}}}
     72And then restart any Thunderbird (or Icedove) instances.
     73
     74= Specific Programs =
    6275
    6376== How do I install and configure Enigmail with Thunderbird? ==
     
    8194 * "About Mozilla Thunderbird"
    8295
     96= Conclusion =
    8397== What else should I know about GnuPG? ==
    8498
    85 An important concept not covered here is: how do you get other people's public keys? OpenPGP uses a decentralize model of trust called [WikiPedia:Web_of_trust web of trust].
     99An important concept not covered here is: how do you get other people's public keys? OpenPGP uses a decentralized model of trust called [WikiPedia:Web_of_trust web of trust].
    86100
    87 GnuPG only encrypts the ''body'' of your message - not the headers. Therefore, when sending email, your email address, the date of the message, the recipient and other information regarding the transport of your message may be sent in the clear. One solution to that problem is to only work with providers that use [http://help.riseup.net/security/measures/#use_secure_email_providers providers that support starttls] (note: May First/People Link, despite not being included in the list, does use starttls).
     101GnuPG only encrypts the ''body'' of your email message - not the headers. Therefore, when sending email, your email address, the date of the message, the recipient and other information regarding the transport of your message may be sent in the clear. One solution to that problem is to only work with providers that use [http://help.riseup.net/security/measures/#use_secure_email_providers providers that support starttls] (note: May First/People Link, despite not being included in the list, does use starttls).