Secure and Trusted Email

Be a good email citizen by using Pretty Good Privacy (PGP) to sign and encrypt your email.

Why use it?

Automated systems will get better and better at looking at our data. It is trivial to read email over most networks, but we assume that they are personal. Using Pretty Good Privacy (PGP) will make your email private and personal.

Is it difficult?

No, but it is complicated. The confusing thing about all of this is we don't have a very good language around these ideas of privacy and trust in a networked world.

A story....

Maggi and Jake are friends and start writing eachotehr letters that they mail back and forth from Spain to the States. Jake talks about his amazing job in industrial design, and Maggi gose on about the taste and smells of Spain.

Jake gets an ergent letter from Maggi asking for $2,000 for a legal matter. Jake quickly follows the instructions and wires the money.

Jake can trust that the letter is from Maggi for all of these reasons:

Jake recognizes the envelope and stationary
Jake recognizes Maggi's hand writing
Jake can smell a faint hint of lylack which reminds him of Maggi
Jake sees the canceld stamp being the same as every letter
Jake can sense her tone and grammer in the letter
The letter references a previous conversation
$2,000, though a lot, is something reasonable

All of that information allows Jake to trust the mail from Maggi, but none of these points work in a digital world. The phisical traits of the letter are gone, and the grammer an references can be programatically generated.

How It Works

As simple as I can make it:

You create a secret key and a public key.
(A bunch of text that looks like gibberish.)
This secret key you do not share with anyone else.
This public key you share with everyone.
With your secret you can sign documents.
Using your public key anyone can validate your signature.
With your public key people can scramble messages that only your secret key can unscrable.

Create your secret and public stuff

Windows: http://www.gpg4win.org/

Macintosh: http://www.gpgtools.org/

If you are using Thundirbird as your email client, then go down to the Thundirbird - Enigmail section.

Macintosh Mail

Using Apple Mail and Pretty Good Privacy (PGP) is very easy with the Apple Mail Plugin PGPMail, but you do need to create your secret and public stuff first.

Thundirbird - EnigMail

If you are using Thundirbird you are in luck! EnigMail is a Thundirbird extenstion that has an easy to use wizard to guide you though the process of making your private and public certificate.