Aug 26 2008
Public Key Encryption
Because I solved the issue I was having with Thunderbird, I’m ready to publish my public key for all and sundry to use.
What does this mean? Well, from now on the emails you receive from me will be digitally signed and with the public key listed below you can confirm that they are from me1. Do I suspect that I’m being the target of multiple email address stealing thieves? No, but I’d rather start now than later when it becomes an issue. Insurance is something you purchase before you need it.
It also means that anyone who goes through the trouble (and it is a bit of trouble, no matter what the websites say) to set up encryption on their email will be able to exchange fully encrypted emails with me. Do I suspect that some nefarious group is snooping on my emails? No (although my company explicitly says they have that right, as does my ISP, as does the NSA, FBI, law enforcement…), but I’d rather keep my private conversations private, from anyone. As it is right now, your emails flying around the ether are open for snooping by anybody who really wants to. Sure, innocent people have nothing to fear, but we shouldn’t tacitly agree to the snooping. I am not. I want to spread the encryption meme about and make it that much more difficult to access my communications.
Join me in making it more difficult for the government, or anyone else for that matter, to monitor us. I promise that in the next few weeks, I’ll post a how-to for setting up public key encryption using Mozilla Thunderbird and GnuPG. There was a learning curve for me because most of the tutorials were written by and for people who spend a lot of time in front of a command line interface. I think there’s a market for a how-to that’s a bit more explicit.
1This requires software. You don’t just check that public key against my email. As I say in paragraph three of this post, this is a bit of trouble to set up, but relatively seamless once it is
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.9 (MingW32)
mQGiBEicoXYRBACFu+jc9qi7AQk8ZavFF6R7fDf0ILQPiMC7XEN9JATqaVKwvx1K
OE4W5YlwXbDSPqO+C+1JLRvygvRJl2aM8v5hMMAvurtN9O1Zhgyp0Xotkibv2Xz9
iiZHGsSkuw3TNg31U5y78RIeH6GWg33beJEnYCngVpxaQjJX7AdFrgKovwCgu9a3
ROsuXuc7×8sPrV+Vt6J9WW0D/jvPwRZ4bK3dXG+CrwIdtNMaxZhdQJWn73QVX3gG
fdPxg2JyUqcKPPV8KFWRvN81KhfY78aqeVLeiKmDjhUbWvp6cRHCBcnD5iPUb4fQ
wOrO080XHob4pqUMXQhDtOqZ7OTabXPN0h9ftimKy7XeaFgu3FTtJs3eKytFSYVQ
vIgTA/9/TyZ2+d5Pa1MYOAJCRkX6xFOA+qgR4OEzYNtZFhvHQ0zOBoZFrGCexic+
SwdtNKPIe+sAdm5oz0TcSydUzIuzhIM7PNGj564A2fZPJ3DINXCwBbTqWRn2Ud6L
R0cc7kkC5H955KpCzbRVqAhnt/Iz4vXYJpTKCQnHbM/oiBRPq7QuV2lsbGlhbSBS
dWhzYW0gKFNlY29uZCBLZXkpIDxicnVoc2FtQGpid3IubmV0PohgBBMRAgAgBQJI
nKF2AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQSU8nHMQiwmnV6ACdGEt+
8k9h37FRZXHIiPrBMYAxvqcAmwUgU37qxtNHbCC4rWg7UB1HtUSZuQINBEicoXYQ
CACO3QR0ESBEf5DB0uo8pkotVCxpAKYzqVaveYvVnqOD6Y3ijuSZKyVLajwbjY8V
u9PsTnDC9k0reb/imFCjeZ/QHmuNn33cAizq/qqqpjmEx6FUbHfvyp8TZrEt0BEC
SQ8NExBqfR3waD9DzZL4bDh10fdNcEekh/bp5ZoTiciofPi/QafrrEl+jzR1gqAi
7GorDr+G8ZLhrqZa7G9YbB7q1DvD6BoLQmrXzi2dV3ggjvwuCFoWZAdSBvyHd5mu
YsWFx9YH9GCkE1avBJ5QeyiQWdR9BfMZLsoo+lwJo+biGIhlvYTnzrWeIYCsFtSh
DTrXrYseI2pR2k2gggp9Nx3DAAMFB/9ZFKR/AVBW5FAPigYjLy9EmbOniPKC+e0n
nlFK+ig9ixMh1e+FHfUgjWPV0MDWTySL78bFvKl4/5+j5w/K+h+B73QiR2PUU2vZ
D2jUDeb9wz8Dv6Jn+pw05uXmXidUO29ds9Wek9G9V11hcEDGfGFHTp0EQanAu9TR
y7xG5vyCZLdRnTn9rUJ60EIeQopsNhJqZltbYlKVM99F1cQCrnfKwTZKjfUOfypw
9auol47tJiGnpTdrJNDv7ShlFV/dMOXfsRunKu8S8VnVkWive6kzrp3fmGeCFBwg
vLnL1u7IOU2ZnqDpOC5jyLVk9a70201yabQ8vIEPGgcjEsCZAYfkiEkEGBECAAkF
AkicoXYCGwwACgkQSU8nHMQiwmkawwCgkQbLuvVPy12TExfVmqV2mcZT3X8An3yT
xGNum2P26iTEZIpLurr2C/Nb
=PS3a
—–END PGP PUBLIC KEY BLOCK—–
Of course how do I know that the post above is really from the person I think it is? What if this is the Public Key of some other yahoo named Bill Ruhsam?
As a reasonably computer saavy person, I found the Thunderbird, GnuPG, Enigmail setup to be quite painless. I just wish Outlook had a reasonably effective equivalent. The only one I could find is either 3 years old and badly implemented or costs $$$. I guess I’ll have to manually decrypt anything you send to me at work.
I was running Enigmail with the old Mozilla mail client something like five years ago, and it was a pain in the ass.
I agree that it’s better to snatch back your privacy earlier rather than later, so I’ll help spread the meme. But first, I anxiously await your tutorial. Hopefully you had a much easier time of it than I did five years ago.
Bill, I think you’ve got some odd character encoding going on. Can you post this in a plain text block or something?
Rachel: Yeah. I’ve learned another few things since this post, including that i can’t just copy/paste the PGP public key block. My blog software apparently takes the —–BEGIN PUBLIC KEY—– and changes it to — –BEGIN PUBLIC KEY— – which doesn’t work as well.
Jim: Engimail is practically seamless in my experience now. Once you do the initial settings and setup your keys, I hardly notice it’s there. I haven’t tried multiple person key management yet, though.
Chris: Outlook uses S/MIME and doesn’t support GnuPG. I understand that there are ways that I can work around that from the non-outlook end, but what it means for the Outlook user is that you’d have to get a Certificate either from a certificate authority (there are free ones available) or that your company might give you one. There are all sorts of issues dealing with corporate mail encryption. Way too many to deal with in a comment.
[...] to Bill for finally pushing me over the edge to secure email communications, I have transitioned to the use [...]
[...] my system to send encrypted emails. My reasons, to be brief, are very much the same that Bill discussed some weeks ago. The most succinct reason is: “The same reason that most paper mail [...]