[[PageOutline]]

= How can I use gpg to both encrypt my email and prove my identity? =

== GnuPG, gpg, OpenPGP, PGP, what does it all mean? ==

There are a lot of confusing acronyms involved in email encryption. Here's a very brief explanation:

GnuPG (also known as GPG) stands for Gnu Privacy Guard ([http://gnu.org Gnu] is a project to create an entirely free operating system).

[http://gnupg.org GnuPG] is an implementation of the open standard called [http://openpgp OpenPGP]. An open standard means that a group of people have come together to decide on how to communicate. The OpenPGP folks have defined a way to communicate encrypted information securely. GnuPG is one program (of many) that uses this standard. GnuPG is free software and is one of the most popular implementations of OpenPGP.

== In plain language, what does it mean to encrypt my email? ==

For most of us, when we first decide we want to encrypt our email, we only think about one half of the equation: scrambling our message in a way that only the intended recipient can read it. 

A second, and equally important component that is often over looked is authenticity. If someone sends you a secret message, how do you know it was sent by the person who is claiming to have sent it?

Encryption (scrambling your message) and authenticity (knowing who really sent the message) are the two pillars of secure communication. You must have both to securely send private messages between two parties. 

Therefore, when sending mail using GnuPG, you will typically want to both encrypt the message ''and'' digitally sign the message. When receiving email using GnuPG you will typically want to de-crypt the message ''and'' verify the signature.

== Public and private keys ==

The technology behind encryption relies on keys. Keys are nothing more than a small text file with a lot of random-seeming characters in them. [http://current.workingdirectory.net/pages/identity/ My gpg key] can serve as an example for the curious. In order to use OpenPGP you will need to generate a public/private key pair. That means you will need to keys: one that is public and one that is private. These two keys are generated together because they have a special relationship:

 * A message encrypted with the public key can only be de-crypted with the private key
 * A message signed with the private key can be validated with the public key

As the names imply, the private key should be kept private. You should never, under any circumstances, share this key with anybody else. The public key, on the other hand, should be freely given to everyone.

If someone has your public key, then they will be able to send you an encrypted message ''and'' if you send them a signed message, they will be able to verify your signature.

It's important to note: you cannot send someone an encrypted message unless you ''already'' have their public key. In other words, it is not enough that ''you'' know how to use OpenPGP, your intended recipient must also know how to use, have it setup on their computer, already have a public key, and already have given you their public key. Similarly, you cannot verify someone's signature unless you already have the sender's public key.

== How do I use GnuPG with a Macintosh and Thunderbird? ==

 * Download and install [http://macgpg.sourceforge.net/ Mac GnuPrivacy Guard]. There are several packages available for download, the one called "GnuPrivacy Guard" is the only one you must download. You may choose to download the others.
 * Follow the [wiki:gpg#HowdoIinstallandconfigureEnigmailwithThunderbird directions below to install and configure Enigmail for Thunderbird].

== How do I use GnuPG with Macintosh, web mail and Firefox? ==

 * Download and install [http://macgpg.sourceforge.net/ Mac GnuPrivacy Guard and GPG Keychain Access]. There are several packages available for download which are not required but you may find useful.
 * Run the GPG Keychain Access program and generate a new public/private key (FIXME: we need documentation on how to do this).
 * Follow the [wiki:HowdoIinstallandconfigureFireGPGwithFirefox directions below to install and configure FireGPG for Firefox].

== How do I use GnuPG with Windows and Thunderbird? ==

 * Download and install [http://www.gnupg.org/download/index.en.html#auto-ref-2 GnuPG for Windows]
 * Follow the [gpg#HowdoIinstallandconfigureEnigmailwithThunderbird directions below to install and configure Enigmail for Thunderbird].

== How do I use GnuPG with Windows, web mail and Firefox? ==

 * Download and install [http://www.gnupg.org/download/index.en.html#auto-ref-2 GnuPG for Windows]
 * Download and install [http://www.gnupg.org/download/index.en.html#gpa Gnu Privacy Assistant for Windows]
 * FIXME: Need directions. Generate a private/public key
 * Follow the [wiki:HowdoIinstallandconfigureFireGPGwithFirefox directions below to install and configure FireGPG for Firefox].

== How do I install and configure Enigmail with Thunderbird? ==

 * Download [http://enigmail.mozdev.org/home/ Enigmail], a plugin for Thunderbird that provides OpenPGP support. Enigmail has an excellent [http://enigmail.mozdev.org/documentation/quickstart.php manual to get you started]. Below are the quick and dirty steps:
 * [http://enigmail.mozdev.org/documentation/quickstart-ch1.php#id2533080 Install Enigmail].
 * [http://enigmail.mozdev.org/documentation/quickstart-ch2.php#id2533185 Create your private/public key].
 * [http://enigmail.mozdev.org/documentation/quickstart-ch3.php#id2533703 Practice signing and encrypting your email]

== How do I install and configure FireGPG with Firefox? ==

 * Click the [http://getfiregpg.org/?page=install download FireGPG] button while running Firefox
 * FIXME: need instructions on using FireGPG to sign, verify and decrypt messages.

== How do I know what version of Thunderbird I'm running? ==

You can see what version of Thunderbird you have by:

 * go to Thunderbird
 * click on "Help" (File menus at the top)
 * "About Mozilla Thunderbird"