Jonathan's Quick Guide to PGP
Posted: Sat Mar 12, 2005 7:07 pm
If you can't be bothered to read up on the basics of public key encryption but you still want to use PGP or GPG to send and receive digitally signed or encrypted mail, then this article should cover the bare minimum you need to get started.
First, once you have chosen an encryption client and a mailer (I recommend GPG with Thunderbird plus Enigmail), generated a public/private keypair, and self-signed your key, you must make your public key public. If anyone is to verify your signed emails, they must have your public key. If anyone is to send you encrypted emails, they must have your public key. Post your public key on the web or email it to your friends.
Second, you should download the public keys of your friends and add them to your encryption client. If your client has a concept of trust, you should edit the trust of your friends' public keys.
Third, get your friends to sign your key. Key signatures serve as proof of identity. By signing your key, I am telling the whole world that I believe that you are who you say you are, so they don't have to take just your word for it. This is even more important when you start exchanging signed and encrypted email with people whom you haven't met.
Fourth, sign the keys of your friends.
Fifth, if you are using Enigmail and want to be standards-compliant, change your default settings to always use PGP/MIME.
If you want to experiment, my public key is located here:
http://jonathan.pearce.name/jdpearce_keys
I am always willing to exchange signed or encrypted email.
For more information, consult the help files of your software.
http://www.gnupg.org/gph/en/manual.html
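The first four steps as GnuPG commands, in an added example that is not part of the original post. It assumes GnuPG 2.2 or later; Alice, Bob, their example.org addresses, the file names and the helper functions are constructed for illustration, and the fifth step (PGP/MIME) is an Enigmail setting, so it is not shown.

```shell
#!/bin/sh
# Added example, not from the original post. Needs GnuPG 2.2 or later.
# Alice and Bob (example.org addresses) are constructed identities, each
# with a throwaway keyring under the directory passed to pgp_quickstart.

# g HOME ARGS...: run gpg non-interactively against keyring directory HOME.
g() {
    home=$1; shift
    gpg --homedir "$home" --batch --yes --quiet \
        --pinentry-mode loopback --passphrase '' "$@"
}

# fpr HOME UID: print the primary-key fingerprint of UID in keyring HOME.
fpr() {
    g "$1" --with-colons --fingerprint "$2" | awk -F: '$1 == "fpr" { print $10; exit }'
}

# sig_count HOME UID SIGNER_FPR: count signatures on UID's key made by SIGNER.
sig_count() {
    keyid=$(printf '%s' "$3" | tail -c 16)
    g "$1" --with-colons --list-sigs "$2" |
        awk -F: -v k="$keyid" '$1 == "sig" && $5 == k { n++ } END { print n + 0 }'
}

pgp_quickstart() {
    a=$1/alice; b=$1/bob
    mkdir -m 700 "$a" "$b" || return 1
    # Prerequisite: each person generates a keypair; gpg self-signs it.
    g "$a" --quick-generate-key 'Alice <alice@example.org>' default default never || return 1
    g "$b" --quick-generate-key 'Bob <bob@example.org>' default default never || return 1
    # First: Alice publishes her public key as an ASCII-armored file.
    g "$a" --armor --export alice@example.org > "$1/alice.asc" || return 1
    # Second: Bob imports it and compares the fingerprint with the one Alice
    # gave him over another channel (here, read from her own keyring).
    g "$b" --import "$1/alice.asc" || return 1
    afpr=$(fpr "$b" alice@example.org)
    [ "$afpr" = "$(fpr "$a" alice@example.org)" ] || return 1
    # He then records how far he trusts Alice's signatures on other keys
    # (ownertrust 4 = marginal, 5 = full).
    printf '%s:4:\n' "$afpr" | g "$b" --import-ownertrust || return 1
    # Third and fourth: Bob signs Alice's key and sends the signed copy
    # back; Alice imports it so her key now carries Bob's signature.
    g "$b" --quick-sign-key "$afpr" || return 1
    g "$b" --armor --export alice@example.org > "$1/alice-signed.asc" || return 1
    g "$a" --import "$1/alice-signed.asc" || return 1
    # Result: Bob can verify mail that Alice signs.
    printf 'hello Bob\n' | g "$a" --clearsign > "$1/msg.asc" || return 1
    g "$b" --verify "$1/msg.asc"
}
```

Run it with `pgp_quickstart "$(mktemp -d)"`; the final `--verify` reports a good signature from Alice, and `sig_count` on Alice's keyring shows the signature Bob added.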