Enigmail Forum

[Poser]

First, congrats to those devoted to keeping privacy out of the hands of peepers and gov't or are they one and the same

Second, I'm sure there are many who don't have a clue what many of the tech-ese words and phrases in the manual actually mean. I became frustrated after spending too many hours trying and testing and uninstalled. The program leaves a lot of unknowns. For example, I came across Signature things as well as getting certificates. I had no idea what they were, are for, or if I need to whip out my credit card, or even how much that stuff might cost.

I would like to give it another try if there is a simple step x step approach to using Enigmail.

I would like to just click "encrypt" and have the email I'm sending viewable by the recipient email and only him/her.

To my question: Does the recipient need to have Enigmail on their end in order to receive/view the encrypted email? The manual isn't clear on this.

TA

[john]

No, the recipient doesn't need a mail client with Enigmail although that would make things easier.

Some mail clients, like mutt, hook into GnuPG natively.

Without the encyption hooks that Enigmail provide, the user must do additional steps to decrypt your message such as copying it to the Windows clipboard or saving it to a text file first.

One thing that's not mentioned in your post, and may be self-evident, but before you can send someone encrypted mail, they must at minimum install GnuPG or PGP, generate a key, and make that key available to you.

[john]

BTW, one other point, if you desire to read the message you have sent, you need to remember to also encrypt it to your key.

[Poser]

No, the recipient doesn't need a mail client with Enigmail although that would make things easier.

John, thank you for that quick reply. I'm still confused. I receive emails in my Outlook from gov't people that begins with

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1"

Clearly, it is a signed PGP message - whatever that mans The message concludes with a bunch of stuff about a signature followed by a long line of random characters - I assume to be a key of sorts - which I am confident I should not publish here . Without effort, I just open and read the email - no probelms and that was before any PGP/Enigmail or the likes was installed on my comp. Is that just a feature for gov't only or does Enigmail offer the same ease where I can just read the email without the copy & paste into a clipboard or whatever?

[john]

What you're assuming to be random isn't. It's called base-64 encoding - it's a mechanism for encoding binary content as characters for email. The characters used are the upper- and lower-case Roman alphabet characters (A–Z, a–z), the numerals (0–9), and the "+" and "/" symbols, with the "=" symbol as a special suffix code.

It's not a key. That's what a signature looks like.

OE/Outlook has always been a problem. If you are using windows you may use the 'Current Window' or clipboard functionality of WinPT or GPGshell to verify the signature. You may need to download the signing key from a keyserver.

There is a GnuPG plugin for Outlook/Outlook Express called GPGoe you may wish to investigate. Beyond that, you're limited to the commercial (paid) releases of PGP.

[asmith3006]

Clearly, it is a signed PGP message - whatever that mans The message concludes with a bunch of stuff about a signature followed by a long line of random characters - I assume to be a key of sorts - which I am confident I should not publish here .

You can publish that signature anywhere you like. It doesn't give anything away at all. It's completely useless without the e-mail message. The signature is used to verify that the message has not been altered since it was sent and that it is from the person who owns a specific key.

It's up to you if you trust the key.