Messing With My Head
It is currently Fri Aug 23, 2019 9:26 am

All times are UTC - 8 hours

Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: OpenPGP
PostPosted: Fri Mar 06, 2009 4:54 pm 
Site Admin

Joined: Thu Sep 02, 2004 7:45 am
Posts: 39
Quick notes on using OpenPGP and the Enigmail Add-On for Mozilla Thunderbird email client in Windows (all).

1) Download GnuPG and install it:
2) Download Thunderbird and install it:
3) Get the Enigmail Add-On: ... /latest/71
4) Install it into Thunderbird: Tools=>Add ons=>Install...
5) Use the wizard to set up the Add-On: Create a new message and select OpenPGP=>Sign Message to start
Really the only thing you will need to remember is your passphrase.
6) Remember to also create the reversal key when prompted

You have now started your personal "key ring".

The basics of using PGP/signing are that you will need to have a "public key", which you will send to anyone who needs to read your encrypted email, and a "private" key, which will be used by Thunderbird in conjuction with the public key to verify your identity. If an email message is sent out using your public key, but it was written without your private key, then the keys won't match, and the recipient's decryption program will complain about the mismatch, and it won't "trust" the forged message. If the message is created with a private key that pairs with the public key being used, then the recipient's decryption program will be satisfied.

So you will now need to send your public key to everyone who you want to send encrypted email to. With Thunderbird and the Enigmail Add-On, you accomplish this by using the OpenPGP MENU (not the icon) in your Composition window and selecting "Attach My Public Key". You only need to do this once.

When the message is received, the recipient needs to "Import" the public key into their "key ring" so it can be used with future messages.

THAT'S NOT ALL! In order for the two of you to exchange signed and encrypted messages, you ALSO need the recipient's public key, so they need to send it to you, and you need to Import their key into your key ring.

Once done, you can compose messages to each other and use the OpenPGP menu or icon to Sign and Encrypt (optional) the message. When you do that, your public key will be included in the front of the message for the recipient's email program to use. If they have the matching public key in their key ring, the message will be able to be decrypted and read (with the public key hidden out of the way.)

You can only use signing with PLAIN TEXT emails ... you can't do this for HTML, fancy messages with bold characters or colors or whatever. But the points of using signing and encryption are (1) verifying the sender's identity (signing) and (2) obscuring the contents of the message (encryption), not making the text look all pretty.

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC - 8 hours

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  


Original content is Copyright ©2004-2011 by James Butler. All rights reserved.
ThinkTinker is a trademark protected under United States trademark law.


In addition to the "Rules of the Road", visitors who contribute to this website agree to the following:
The author of a comment releases all copyrights with respect to the contents of the comment.
Comments may be edited, moved or deleted at any time for any reason at the sole discretion of James Butler.
Any parts of this Bulletin Board may be re-published and/or compiled in any form
at any time without further notice, compensation or acknowledgement.
(We will try to keep attributions intact, but we make no guarantees.)
If you do not agree to all of the above Terms & Conditions, do not post anything on this Bulletin Board.

ThinkTinker's Administrator may be reached by email: james at

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group