I’ve finally decided to do it. After taking a while trying to figure out whether I should digitally sign all my email or not, I’ve decided that, Yes, I will …
I’m using GPG, as should you! My public key is available here and on the key servers.
All email you receive from me (as of yesterday) will be digitally signed with this key – which means that, assuming you install GPG:
- You can be sure the message was really from me (and not generated by a worm or virus or A Bad Person);
- You can be sure that the message has not been modified, corrupted or tampered-with.
If you want to use GPG under Windows, you should probably install Mozilla Thunderbird (or use the Mail client in the Mozilla suite) and install GPG and Enigmail. This setup works very well. There are GPG plugins for some other email clients, but please don’t try to make it work under Outlook Express – this email client is so insecure to start with that it’s really not worth the effort!
If you want to use GPG under Linux, you can try the Thunderbird/Enigmail setup, or use Mutt. Another possibility is KMail (which is part of KDE) and it intergrates with GPG very well.
If you are not using a GPG-enabled email client, then you will see “BEGIN PGP SIGNED MESSAGE” and other ‘cruft’ in the message. You can ignore this – this is the stuff that GPG uses to verify the integrity and origin of the message.
whats the best way to set this up for reading/signing with hotmail?
PermalinkThere are a few options – the simplest would be to use inline signatures and copy and paste text between Hotmail and a GPG client. Or you can access Hotmail via Outlook Express (shudder) and use some GPG plugin for that, if one exists.
You could also fork out money to Hotmail to get POP3 access to your mailbox, and use a Real Mail Client like Thunderbird which has GPG support, or use a script like gotmail which will grab your mail from Hotmail and put it in a sensible mailbox format.
PermalinkYou should use a proper client like those mentioned instead of web based email services such as hotmail. Some of these services send HTML mail, which can invalidate a signature. It should not be a problem if the HTML option can be turned off.
Permalink