[Freedombox-discuss] Email Encryption Basics

Nick M. Daly nick.m.daly at gmail.com
Sat Nov 10 04:47:51 UTC 2012 

I've recently had a few questions on encrypting emails and figured that
sending this to the list might help.

Step 1: Use email safely (don't leak your password and be wary of
        leaving server-side copies).

Step 2: Meet and trust people who you're going to exchange messages
        with.  Until your electronic communication is secure, it can't
        be trusted, so exchange key IDs in person.

Step 3: Read and understand email encryption.  Send yourself a few mails
        and successfully decrypt them before you exchange mail with
        other people.

Step 4: Back up your keys and revocation certificates.

Introduction to e-mail safety
=============================

E-mail is one of the oldest forms of communication on the Internet. We often use it to communicate very personal or otherwise sensitive information. It is very important to understand why e-mail in its default configuration is not secure. In the following chapters we will describe the different methods necessary to secure your e-mail against known threats. We will also provide you with basic knowledge to assess the risks involved in sending and receiving e-mail.

    http://en.flossmanuals.net/basic-internet-security/ch022_introduction-to-email-safety/

Introducing mail encryption (PGP)
=================================

This chapter will introduce you to some basic concepts behind mail
encryption. It is important to read to get some feeling of how mail
encryption actually works and what its caveats and limitations are. PGP
(Pretty Good Privacy) is the protocol we shall use for e-mail
encryption. This protocol allows us to digitally sign and encrypt mail
messages. It works on an end-to-end basis: messages will be encrypted on
your own computer and will only be decrypted by the recipient of the
message. There is no possibility for a 'man-in-the-middle' to decipher
the contents of your encrypted message. This excludes the subject lines
and the 'from' and 'to' addresses, which unfortunately are not encrypted
in this protocol.

    http://en.flossmanuals.net/basic-internet-security/ch027_mail-encryption-gpg/

Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20121109/e6da7cdc/attachment.pgp>

More information about the Freedombox-discuss mailing list