[enc-live.git] / en / workshops.html

<!DOCTYPE html>
<html>
	<head>
			<meta http-equiv="content-type" content="text/html; charset=utf-8" />

			<title>Email Self-Defense - Teach your friends!</title>
			<meta name="keywords" content="GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail" />
      <meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 30 minutes with GnuPG." />

      <meta name="viewport" content="width=device-width, initial-scale=1" />
			<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
  		<link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />

	</head>
	<body>

<!-- ~~~~~~~~~ GnuPG Header and introduction text  ~~~~~~~~~ -->

		<header class="row"  id="header">
			<div>
			  <h1>Email Self-Defense</h1>

<!-- Languages removed until we have translations-->

                          <ul id="menu" class="os">
			    <li class="spacer">
                              <a href="index.html">GNU/Linux</a>
                            </li>
			    <li>
                              <a href="mac.html">Mac OS</a>
                            </li>
			    <li>
                              <a href="windows.html">Windows</a>
                            </li>
<li class="spacer"><a href="workshops.html" class="current">Lead a Workshop</a></li>
			    <li class="spacer">
                              <a href="https://fsf.org/share?u=https://u.fsf.org/zb&amp;t=Email encryption for everyone via %40fsf">
                                 Share&nbsp;
                                <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
                                     class="share-logo" alt="[GNU Social]">&nbsp;
                                 <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
                                      class="share-logo" alt="[Pump.io]">&nbsp;
                                 <img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
                                      class="share-logo" alt="[Reddit]">&nbsp;
                                 <img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
                                      class="share-logo" alt="[Hacker News]">
                              </a>
                            </li>
														<li class="spacer">V4.0</li>
			  </ul>
				<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
				<div id="fsf-intro">
				  <h3>
                                    <a href="http://u.fsf.org/ys">
                                      <img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png">
                                    </a>
                                  </h3>
                                  <div class="fsf-emphasis">
                                    <p>
                                      We fight for computer users'
rights, and promote the development of free (as in freedom) software.
Resisting bulk surveillance is very important to us.
                                    </p>
                                    <p>
                                      <strong>
                                        We want to translate this guide
into more languages, and make a version for encryption on mobile
devices. Please donate, and help people around the world take the first
step towards protecting their privacy with free software.
                                      </strong>
                                    </p>
                                  </div>

					<p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&amp;id=14&amp;pk_campaign=email_self_defense&amp;pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png"></a>  </p>

				</div><!-- End #fsf-intro -->

				<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
				<div class="intro">
					<p>
						<a id="infographic" href="https://emailselfdefense.fsf.org/en/infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View &amp; share our infographic →"></a>
					<p>Understanding and setting up email encryption sounds like a daunting task to many people. That's why helping your friends with GnuPG plays such an important role in helping spread encryption. Even if only one person shows up, that's still one more person using encryption who wasn't before. You have the power to help your friends keep their digital love letters private, and teach them about the importance of free software. If you use GnuPG to send and receive encrypted email, you're a perfect candidate for leading a workshop!</p>

				</div><!-- End .intro -->

			</div>
		</header><!-- End #header -->

<!-- ~~~~~~~~~ Section 1: Get your friends or community interested>  ~~~~~~~~~ -->
		<section class="row" id="section1">
			<div>
					<!-- ~~~~~~~~~ section introduction: interspersed text  ~~~~~~~~~ -->
				<div class="section-intro">
						<h2><em>#1</em> Get your friends or community interested </h2>
						<p>If you hear friends grumbling about their lack of privacy, ask them if they're interested in attending a workshop on Email Self-Defense. If your friends don't grumble about privacy, they may need some convincing. You might even hear the classic "If you've got nothing to hide, you've got nothing to fear" argument against using encryption.</p>
						<p>Here are some arguments you can use to help explain why it's worth it to learn GnuPG. Feel free to mix and match whichever you think will make sense to your community:</p>

				</div><!-- End .section-intro -->

                                <div id="step-aa" class="step">
                                        <div class="main">
                                                <h3>Strength in numbers</h3>
                                                <p>Each person who chooses to resist mass surveillance with encryption makes it easier for others to resist as well. People normalizing the use of strong cryptography has multiple powerful effects: It means those that truly need it, like potential whistle-blowers and activists, are more likely to learn about it. More people using it for more things also makes it harder for surveillance systems to single out those that can't afford to be found, and shows solidarity with those people.</p>
                                        </div><!-- End .main -->

                                        <div class="main">
                                                <h3>Respect your friends' privacy</h3>
                                                <p>There's no objective way to judge what constitutes a privacy-sensitive correspondence. As such, it's better not to presume that just because you find an email you sent to a friend innocuous, your friend (or a surveillance agent, for that matter!) feels the same way. Show your friends respect by encrypting your correspondences with them.</p>
                                        </div><!-- End .main -->


                                        <div class="main">
                                                <h3>Privacy technology is normal in the physical world</h3>
                                                <p>In the physical realm, we take window blinds, envelopes, and closed doors for granted as ways of protecting our privacy. Why should the digital realm be any different?</p>
                                        </div><!-- End .main -->


                                        <div class="main">
                                                <h3>People you respect may already be using encryption</h3>
                                                <p>Many journalists, whistleblowers, activists, and researchers use GnuPG, so your friends might unknowingly have heard of a few people who use it already. You can search for "BEGIN PUBLIC KEY BLOCK" + keyword to help make a list of people and organizations who use GnuPG which you community will likely recognize.</p>
                                        </div><!-- End .main -->


                                </div><!-- End #step-2a .step -->

			</div>
		</section><!-- End #section1 -->

<!-- ~~~~~~~~~ Section 2: Plan The Workshop  ~~~~~~~~~ -->
		<section class="row" id="section2">
			<div>
					<!-- ~~~~~~~~~ section introduction: interspersed text  ~~~~~~~~~ -->
				<div class="section-intro">
					<h2><em>#2</em> Plan The Workshop</h2>
					<p>Once you've got at least one interested friend, pick a date and start planning out the workshop. Tell participants to bring their computer and ID (for signing each other's keys). Also tell the participants to bring dice (for making passwords), but also bring a bunch yourself in case they don't. Make sure the location you select has an easily accessible Internet connection, and make backup plans in case the connection stops working on the day of the workshop. Libraries, coffee shops, and community centers make great locations. Try to get all the participants to set up an Enigmail-compatible email client before the event. Direct them to their email provider's IT department or help page if they run into errors.<p>
					<p>Estimate that the workshop will take forty minutes plus ten minutes for each participant, at a minimum. Plan extra time for questions and technical glitches.</p>
					<p>The success of the workshop requires understanding and catering to the unique backgrounds and needs of each group of participants. Workshops should stay small, so that each participant receives more individualized instruction. If more than a handful of people want to participate, keep the facilitator to participant ratio low by recruiting more facilitators, or by facilitating multiple workshops. Small workshops among friends work great!</p>


				</div><!-- End .section-intro -->

			</div>
		</section><!-- End #section2 -->

<!-- ~~~~~~~~~ Section 3: Follow The Guide  ~~~~~~~~~ -->
		<section class="row" id="section3">
			<div>
					<!-- ~~~~~~~~~ section introduction: interspersed text  ~~~~~~~~~ -->
				<div class="section-intro">
						<h2><em>#3</em> Follow the guide as a group</h2>
						<p>Work through the Email Self-Defense guide a step at time as a group. Talk about the steps in detail, but make sure not to overload the participants with minutia. Pitch the bulk of your instructions to the least tech-savvy participants. Make sure all the participants complete each step before the group moves on to the next one. Consider facilitating secondary workshops afterwards for people that had trouble grasping the concepts, or those that grasped them quickly and want to learn more.</p>
						<p>Even powerful surveillance systems can't break private keys when they're protected by lengthy Diceware passphrases. Make sure participants use the Diceware method, if dice are available. Stress the importance of eventually destroying the piece of paper the Diceware password is written on, and make sure all the participants back up their revocation certificates.</p>
						<p>In step 2, make sure the participants upload their keys to the same keyserver so that they can immediately download each other's keys later (sometimes there is a delay in synchronization between keyservers). During Step 3, give the participants the option to send encrypted messages to each other instead of or as well as Edward. Similarly, in Step 4, encourage the participants to sign each other's keys.</p>

				</div><!-- End .section-intro -->
			</div>
		</section>


<!-- ~~~~~~~~~ Section 3: Sign Keys  ~~~~~~~~~ -->
		<section class="row" id="section4">
			<div>
					<!-- ~~~~~~~~~ section introduction: interspersed text  ~~~~~~~~~ -->
				<div class="section-intro">
						<h2><em>#3</em> Sign Keys</h2>
						<p>Emphasize the distinction between trusting a person subjectively, and seeing whose keys they've signed objectively. Without a proper understanding of trust, the beautiful transative trust properties of the web of trust are lost. Since trust is an internal and subjective thing, it's unnecessary for participants to share how much they trust another participant with anyone else.</p>

<p>Have the participants download each other's keys, read out their own fingerprints, and present their IDs to each other. Help participants navigate the interface to sign each other's keys, and encourage participants to assign each other trust levels if they already know each other.</p>


				</div><!-- End .section-intro -->

				<!-- ~~~~~~~~~ a div for each step  ~~~~~~~~~ -->
				<div id="step-4a" class="step">
					<div class="sidebar">
						<p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png" alt="Section 4: Web of Trust"></p>
					</div><!-- /.sidebar -->
					<div class="main">
						<h3><em>Step 4.a</em> Sign a key</h3>
						<p>In your email program's menu, go to Enigmail → Key Management.</p>
						<p>Right click on Edward's public key and select Sign Key from the context menu.</p>
						<p>In the window that pops up, select "I will not answer" and click ok.</p>
						<p>Now you should be back at the Key Management menu. Select Keyserver → Upload Public Keys and hit ok.</p>
						<p class="notes">You've just effectively said "I trust that
Edward's public key actually belongs to Edward." This doesn't mean much
because Edward isn't a real person, but it's good practice.</p>


						<!--<div id="pgp-pathfinder">
							<form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi" method="get">
								<p><strong>From:</strong> <input type="text" placeholder="xD41A008"  name="FROM"></p>
								<p><strong>To:</strong> <input type="text" placeholder="50BD01x4" name="TO"></p>
								<p class="buttons"><input type="submit" value="trust paths" name="PATHS"> <input type="reset" value="reset" name=".reset"></p>
							</form>
						</div><!-- End #pgp-pathfinder -->

					</div><!-- End .main -->
				</div><!-- End #step-4a .step -->

				<!-- ~~~~~~~~~ a div for each step  ~~~~~~~~~ -->
				<div id="step-sign_real_keys" class="step">
					<div class="main">
						<h3><em>Important:</em> check people's identification before signing their keys</h3>
						<p>Before signing a real person's key, always make sure it
actually belongs to them, and that they are who they say they are. Ask
them to show you their ID (unless you trust them very highly) and their
public key fingerprint -- not just the shorter public key ID, which
could refer to another key as well. In Enigmail, answer honestly in the
window that pops up and asks "How carefully have you verified that the
key you are about to sign actually belongs to the person(s) named
above?".</p>
					</div><!-- End .main -->
				</div><!-- End #step-sign_real_keys .step-->


			</div>
		</section><!-- End #section4 -->

<!-- ~~~~~~~~~ Section 4: Explain The Pitfalls  ~~~~~~~~~ -->
		<section id="section5" class="row">
			<div>
					<!-- ~~~~~~~~~ section introduction: interspersed text  ~~~~~~~~~ -->
				<div class="section-intro">
						<h2><em>#4</em> Explain the pitfalls</h2>
<p>Remind participants that encryption works only where it's explicitly used; they won't be able to send an encrypted email to someone who hasn't set up encrption already. Also remind them to make sure encryption is selected before hitting send. Explain metadata to the participants, and advise them to use bland-sounding subject lines.</p>

<p>Advocate for free software, for without it, we can't meaningfully resist invasions of our digital privacy and autonomy. Explain the  <a href="http://www.gnu.org/philosophy/proprietary-surveillance.html">dangers</a> of running a proprietary system, and why GnuPG can't begin to mitigate them.</p>
				</div><!-- End .section-intro -->


			</div>
		</section><!-- End #section5 -->


<!-- ~~~~~~~~~ Section 6: Next steps  ~~~~~~~~~ -->
		<section class="row" id="section6">
			<div id="step-click_here" class="step">
					<div class="main">
					  <h2><a href="https://emailselfdefense.fsf.org/en/next_steps.html">Great job! Check out the next steps.</a></h2>

					</div><!-- End .main -->
				</div><!-- End #step-click_here .step-->

		</section><!-- End #section6 -->

<!-- ~~~~~~~~~ FAQ  ~~~~~~~~~ -->
<!-- When un-commenting this section go to main.css and search
		for /* Guide Sections Background */ then add #faq to the desired color

		<section class="row" id="faq">
			<div>
				<div class="sidebar">
					<h2>FAQ</h2>
				</div>

				<div class="main">
					<dl>
						<dt>My key expired</dt>
							<dd>Answer coming soon.</dd>

						<dt>Who can read encrypted messages? Who can read signed ones?</dt>
							<dd>Answer coming soon.</dd>

						<dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
							<dd>Answer coming soon.</dd>
					</dl>
				</div>
			</div>
		</section> --><!-- End #faq -->

<!-- ~~~~~~~~~ Footer  ~~~~~~~~~ -->
		<footer class="row" id="footer">
			<div>
				<div id="copyright">
					<h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
					<p>Copyright &copy; 2014-2015 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. <a href="https://u.fsf.org/yr">Join.</a></p>
                                        <p><em><a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">Source code of Edward reply bot by Josh Drake &lt;zamnedix@gnu.org&gt; available under the GNU General Public License.</a></em></p>
<p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. &mdash; <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
					<p>Download the source package for <a href="emailselfdefense_source.zip">this guide</a>. Fonts used in the guide &amp; infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedry&#347;, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="http://www.thegopherarchive.com/gopher-files-hacks-pxl2000-119351.htm">PXL-2000</a> by Florian Cramer.</p>
                                        <p>
                                          <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
                                             rel="jslicense">
                                            JavaScript license information
                                          </a>
                                        </p>
				</div><!-- /#copyright -->
				<p class="credits">
					Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
				</p><!-- /.credits -->
			</div>
		</footer><!-- End #footer -->

		<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
		<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>

                <!-- Piwik -->
                <script type="text/javascript">
                 /*
                 @licstart The following is the entire license notice for the
                    JavaScript code in this page.

                 Copyright 2014 Matthieu Aubry

                  This program is free software: you can redistribute it and/or modify
                 it under the terms of the GNU General Public License as published by
                 the Free Software Foundation, either version 3 of the License, or
                 (at your option) any later version.

                  This program is distributed in the hope that it will be useful,
                 but WITHOUT ANY WARRANTY; without even the implied warranty of
                 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                 GNU General Public License for more details.

                  You should have received a copy of the GNU General Public License
                 along with this program.  If not, see http://www.gnu.org/licenses/.

                  @licend The above is the entire license notice
                     for the JavaScript code in this page.
                 */
                 var _paq = _paq || [];
                 _paq.push(["setDocumentTitle", document.domain + "/" + document.title]);
                 _paq.push(["setCookieDomain", "*.www.fsf.org"]);
                 _paq.push(["setDomains", ["*.www.fsf.org","*.www.fsf.org"]]);
                 _paq.push(["trackPageView"]);
                 _paq.push(["enableLinkTracking"]);

                 (function() {
                   var u=(("https:" == document.location.protocol) ? "https" : "http") + "://piwik.fsf.org/";
                   _paq.push(["setTrackerUrl", u+"piwik.php"]);
                   _paq.push(["setSiteId", "5"]);
                   var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript";
                   g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s);
                 })();
                </script>
                <!-- End Piwik Code -->
	</body>
</html>
Commit	Line	Data
b592e92f ZR	1	<!DOCTYPE html>
	2	<html>
	3	<head>
	4	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
	5
6078cb8e	6	<title>Email Self-Defense - Teach your friends!</title>
b592e92f ZR	7	<meta name="keywords" content="GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail" />
	8	<meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 30 minutes with GnuPG." />
	9
	10	<meta name="viewport" content="width=device-width, initial-scale=1" />
	11	<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
	12	<link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
	13
	14	</head>
	15	<body>
	16
	17	<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
	18
	19	<header class="row" id="header">
	20	<div>
b0307a74	21	<h1>Email Self-Defense</h1>
b592e92f	22
77fcfb4a	23	<!-- Languages removed until we have translations-->
b592e92f ZR	24
	25	<ul id="menu" class="os">
	26	<li class="spacer">
a492b0f1	27	<a href="index.html">GNU/Linux</a>
b592e92f ZR	28	</li>
	29	<li>
	30	<a href="mac.html">Mac OS</a>
	31	</li>
	32	<li>
	33	<a href="windows.html">Windows</a>
	34	</li>
c54f9fc3	35	<li class="spacer"><a href="workshops.html" class="current">Lead a Workshop</a></li>
b592e92f ZR	36	<li class="spacer">
	37	<a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
	38	Share
	39	<img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
	40	class="share-logo" alt="[GNU Social]">
	41	<img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
	42	class="share-logo" alt="[Pump.io]">
	43	<img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
	44	class="share-logo" alt="[Reddit]">
	45	<img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
	46	class="share-logo" alt="[Hacker News]">
	47	</a>
c54f9fc3	48	</li>
b0307a74	49	<li class="spacer">V4.0</li>
b592e92f ZR	50	</ul>
	51	<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
	52	<div id="fsf-intro">
	53	<h3>
	54	<a href="http://u.fsf.org/ys">
119c61ca	55	<img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png">
b592e92f ZR	56	</a>
	57	</h3>
	58	<div class="fsf-emphasis">
	59	<p>
	60	We fight for computer users'
	61	rights, and promote the development of free (as in freedom) software.
	62	Resisting bulk surveillance is very important to us.
	63	</p>
	64	<p>
	65	<strong>
	66	We want to translate this guide
	67	into more languages, and make a version for encryption on mobile
	68	devices. Please donate, and help people around the world take the first
	69	step towards protecting their privacy with free software.
	70	</strong>
	71	</p>
	72	</div>
	73
119c61ca	74	<p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png"></a> </p>
b592e92f ZR	75
	76	</div><!-- End #fsf-intro -->
	77
	78	<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
	79	<div class="intro">
	80	<p>
	81	<a id="infographic" href="https://emailselfdefense.fsf.org/en/infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →"></a>
6078cb8e	82	<p>Understanding and setting up email encryption sounds like a daunting task to many people. That's why helping your friends with GnuPG plays such an important role in helping spread encryption. Even if only one person shows up, that's still one more person using encryption who wasn't before. You have the power to help your friends keep their digital love letters private, and teach them about the importance of free software. If you use GnuPG to send and receive encrypted email, you're a perfect candidate for leading a workshop!</p>
b592e92f ZR	83
	84	</div><!-- End .intro -->
	85
	86	</div>
	87	</header><!-- End #header -->
	88
cebc04ac	89	<!-- ~~~~~~~~~ Section 1: Get your friends or community interested> ~~~~~~~~~ -->
b592e92f ZR	90	<section class="row" id="section1">
	91	<div>
	92	<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
	93	<div class="section-intro">
cebc04ac AL	94	<h2><em>#1</em> Get your friends or community interested </h2>
	95	<p>If you hear friends grumbling about their lack of privacy, ask them if they're interested in attending a workshop on Email Self-Defense. If your friends don't grumble about privacy, they may need some convincing. You might even hear the classic "If you've got nothing to hide, you've got nothing to fear" argument against using encryption.</p>
	96	<p>Here are some arguments you can use to help explain why it's worth it to learn GnuPG. Feel free to mix and match whichever you think will make sense to your community:</p>
b592e92f ZR	97
b592e92f ZR	98	</div><!-- End .section-intro -->
c8a179b6 AL	99
	100	<div id="step-aa" class="step">
	101	<div class="main">
d4a7d4c9	102	<h3>Strength in numbers</h3>
367b6cec	103	<p>Each person who chooses to resist mass surveillance with encryption makes it easier for others to resist as well. People normalizing the use of strong cryptography has multiple powerful effects: It means those that truly need it, like potential whistle-blowers and activists, are more likely to learn about it. More people using it for more things also makes it harder for surveillance systems to single out those that can't afford to be found, and shows solidarity with those people.</p>
c8a179b6	104	</div><!-- End .main -->
d4a7d4c9 AL	105
	106	<div class="main">
	107	<h3>Respect your friends' privacy</h3>
	108	<p>There's no objective way to judge what constitutes a privacy-sensitive correspondence. As such, it's better not to presume that just because you find an email you sent to a friend innocuous, your friend (or a surveillance agent, for that matter!) feels the same way. Show your friends respect by encrypting your correspondences with them.</p>
	109	</div><!-- End .main -->
	110
	111
	112	<div class="main">
	113	<h3>Privacy technology is normal in the physical world</h3>
	114	<p>In the physical realm, we take window blinds, envelopes, and closed doors for granted as ways of protecting our privacy. Why should the digital realm be any different?</p>
	115	</div><!-- End .main -->
	116
	117
	118	<div class="main">
	119	<h3>People you respect may already be using encryption</h3>
	120	<p>Many journalists, whistleblowers, activists, and researchers use GnuPG, so your friends might unknowingly have heard of a few people who use it already. You can search for "BEGIN PUBLIC KEY BLOCK" + keyword to help make a list of people and organizations who use GnuPG which you community will likely recognize.</p>
	121	</div><!-- End .main -->
	122
	123
c8a179b6 AL	124	</div><!-- End #step-2a .step -->
c8a179b6 AL	125
b592e92f	126	</div>
c8a179b6	127	</section><!-- End #section1 -->
b592e92f	128
2a2efbd7	129	<!-- ~~~~~~~~~ Section 2: Plan The Workshop ~~~~~~~~~ -->
b592e92f ZR	130	<section class="row" id="section2">
	131	<div>
	132	<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
	133	<div class="section-intro">
2a2efbd7 AL	134	<h2><em>#2</em> Plan The Workshop</h2>
	135	<p>Once you've got at least one interested friend, pick a date and start planning out the workshop. Tell participants to bring their computer and ID (for signing each other's keys). Also tell the participants to bring dice (for making passwords), but also bring a bunch yourself in case they don't. Make sure the location you select has an easily accessible Internet connection, and make backup plans in case the connection stops working on the day of the workshop. Libraries, coffee shops, and community centers make great locations. Try to get all the participants to set up an Enigmail-compatible email client before the event. Direct them to their email provider's IT department or help page if they run into errors.<p>
	136	<p>Estimate that the workshop will take forty minutes plus ten minutes for each participant, at a minimum. Plan extra time for questions and technical glitches.</p>
	137	<p>The success of the workshop requires understanding and catering to the unique backgrounds and needs of each group of participants. Workshops should stay small, so that each participant receives more individualized instruction. If more than a handful of people want to participate, keep the facilitator to participant ratio low by recruiting more facilitators, or by facilitating multiple workshops. Small workshops among friends work great!</p>
b592e92f	138
b592e92f	139
b592e92f ZR	140	</div><!-- End .section-intro -->
b592e92f ZR	141
b592e92f ZR	142	</div>
	143	</section><!-- End #section2 -->
	144
f639bad8	145	<!-- ~~~~~~~~~ Section 3: Follow The Guide ~~~~~~~~~ -->
b592e92f ZR	146	<section class="row" id="section3">
	147	<div>
	148	<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
	149	<div class="section-intro">
f639bad8 AL	150	<h2><em>#3</em> Follow the guide as a group</h2>
	151	<p>Work through the Email Self-Defense guide a step at time as a group. Talk about the steps in detail, but make sure not to overload the participants with minutia. Pitch the bulk of your instructions to the least tech-savvy participants. Make sure all the participants complete each step before the group moves on to the next one. Consider facilitating secondary workshops afterwards for people that had trouble grasping the concepts, or those that grasped them quickly and want to learn more.</p>
	152	<p>Even powerful surveillance systems can't break private keys when they're protected by lengthy Diceware passphrases. Make sure participants use the Diceware method, if dice are available. Stress the importance of eventually destroying the piece of paper the Diceware password is written on, and make sure all the participants back up their revocation certificates.</p>
	153	<p>In step 2, make sure the participants upload their keys to the same keyserver so that they can immediately download each other's keys later (sometimes there is a delay in synchronization between keyservers). During Step 3, give the participants the option to send encrypted messages to each other instead of or as well as Edward. Similarly, in Step 4, encourage the participants to sign each other's keys.</p>
b592e92f ZR	154
b592e92f ZR	155	</div><!-- End .section-intro -->
b592e92f	156	</div>
f639bad8	157	</section>
b592e92f ZR	158
	159
	160	<!-- ~~~~~~~~~ Section 3: Sign Keys ~~~~~~~~~ -->
	161	<section class="row" id="section4">
	162	<div>
	163	<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
	164	<div class="section-intro">
	165	<h2><em>#3</em> Sign Keys</h2>
	166	<p>Emphasize the distinction between trusting a person subjectively, and seeing whose keys they've signed objectively. Without a proper understanding of trust, the beautiful transative trust properties of the web of trust are lost. Since trust is an internal and subjective thing, it's unnecessary for participants to share how much they trust another participant with anyone else.</p>
	167
	168	<p>Have the participants download each other's keys, read out their own fingerprints, and present their IDs to each other. Help participants navigate the interface to sign each other's keys, and encourage participants to assign each other trust levels if they already know each other.</p>
	169
	170
	171
	172	</div><!-- End .section-intro -->
	173
	174	<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
	175	<div id="step-4a" class="step">
	176	<div class="sidebar">
	177	<p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png" alt="Section 4: Web of Trust"></p>
	178	</div><!-- /.sidebar -->
	179	<div class="main">
	180	<h3><em>Step 4.a</em> Sign a key</h3>
	181	<p>In your email program's menu, go to Enigmail → Key Management.</p>
	182	<p>Right click on Edward's public key and select Sign Key from the context menu.</p>
	183	<p>In the window that pops up, select "I will not answer" and click ok.</p>
	184	<p>Now you should be back at the Key Management menu. Select Keyserver → Upload Public Keys and hit ok.</p>
	185	<p class="notes">You've just effectively said "I trust that
	186	Edward's public key actually belongs to Edward." This doesn't mean much
	187	because Edward isn't a real person, but it's good practice.</p>
	188
	189
	190	<!--<div id="pgp-pathfinder">
	191	<form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi" method="get">
	192	<p><strong>From:</strong> <input type="text" placeholder="xD41A008" name="FROM"></p>
	193	<p><strong>To:</strong> <input type="text" placeholder="50BD01x4" name="TO"></p>
	194	<p class="buttons"><input type="submit" value="trust paths" name="PATHS"> <input type="reset" value="reset" name=".reset"></p>
	195	</form>
	196	</div><!-- End #pgp-pathfinder -->
	197
	198	</div><!-- End .main -->
	199	</div><!-- End #step-4a .step -->
	200
	201	<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
	202	<div id="step-sign_real_keys" class="step">
	203	<div class="main">
	204	<h3><em>Important:</em> check people's identification before signing their keys</h3>
	205	<p>Before signing a real person's key, always make sure it
	206	actually belongs to them, and that they are who they say they are. Ask
	207	them to show you their ID (unless you trust them very highly) and their
	208	public key fingerprint -- not just the shorter public key ID, which
	209	could refer to another key as well. In Enigmail, answer honestly in the
	210	window that pops up and asks "How carefully have you verified that the
	211	key you are about to sign actually belongs to the person(s) named
	212	above?".</p>
	213	</div><!-- End .main -->
	214	</div><!-- End #step-sign_real_keys .step-->
	215
	216
	217
	218	</div>
	219	</section><!-- End #section4 -->
	220
	221	<!-- ~~~~~~~~~ Section 4: Explain The Pitfalls ~~~~~~~~~ -->
222	<section id="section5" class="row">
223	<div>
224	<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
225	<div class="section-intro">
226	<h2><em>#4</em> Explain the pitfalls</h2>
227	<p>Remind participants that encryption works only where it's explicitly used; they won't be able to send an encrypted email to someone who hasn't set up encrption already. Also remind them to make sure encryption is selected before hitting send. Explain metadata to the participants, and advise them to use bland-sounding subject lines.</p>
228
229	<p>Advocate for free software, for without it, we can't meaningfully resist invasions of our digital privacy and autonomy. Explain the <a href="http://www.gnu.org/philosophy/proprietary-surveillance.html">dangers</a> of running a proprietary system, and why GnuPG can't begin to mitigate them.</p>
230	</div><!-- End .section-intro -->
231
232
233	</div>
234	</section><!-- End #section5 -->
235
236
237
238	<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
239	<section class="row" id="section6">
240	<div id="step-click_here" class="step">
241	<div class="main">
242	<h2><a href="https://emailselfdefense.fsf.org/en/next_steps.html">Great job! Check out the next steps.</a></h2>
243
244	</div><!-- End .main -->
245	</div><!-- End #step-click_here .step-->
246
247	</section><!-- End #section6 -->
248
249	<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
250	<!-- When un-commenting this section go to main.css and search
251	for /* Guide Sections Background */ then add #faq to the desired color
252
253	<section class="row" id="faq">
254	<div>
255	<div class="sidebar">
256	<h2>FAQ</h2>
257	</div>
258
259	<div class="main">
260	<dl>
261	<dt>My key expired</dt>
262	<dd>Answer coming soon.</dd>
263
264	<dt>Who can read encrypted messages? Who can read signed ones?</dt>
265	<dd>Answer coming soon.</dd>
266
267	<dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
268	<dd>Answer coming soon.</dd>
269	</dl>
270	</div>
271	</div>
272	</section> --><!-- End #faq -->
273
274	<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
275	<footer class="row" id="footer">
276	<div>
277	<div id="copyright">
8f2f9359	278	<h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
866845c9	279	<p>Copyright © 2014-2015 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. <a href="https://u.fsf.org/yr">Join.</a></p>
8f2f9359 ZR	280	<p><em><a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">Source code of Edward reply bot by Josh Drake <zamnedix@gnu.org> available under the GNU General Public License.</a></em></p>
	281	<p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. — <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
	282	<p>Download the source package for <a href="emailselfdefense_source.zip">this guide</a>. Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="http://www.thegopherarchive.com/gopher-files-hacks-pxl2000-119351.htm">PXL-2000</a> by Florian Cramer.</p>
b592e92f	283	<p>
8f2f9359 ZR	284	<a href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
8f2f9359 ZR	285	rel="jslicense">
b592e92f ZR	286	JavaScript license information
	287	</a>
	288	</p>
	289	</div><!-- /#copyright -->
	290	<p class="credits">
8f2f9359	291	Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
b592e92f ZR	292	</p><!-- /.credits -->
	293	</div>
	294	</footer><!-- End #footer -->
	295
b0307a74 ZR	296	<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
	297	<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
	298
b592e92f ZR	299	<!-- Piwik -->
	300	<script type="text/javascript">
	301	/*
	302	@licstart The following is the entire license notice for the
	303	JavaScript code in this page.
	304
	305	Copyright 2014 Matthieu Aubry
	306
	307	This program is free software: you can redistribute it and/or modify
	308	it under the terms of the GNU General Public License as published by
	309	the Free Software Foundation, either version 3 of the License, or
	310	(at your option) any later version.
	311
	312	This program is distributed in the hope that it will be useful,
	313	but WITHOUT ANY WARRANTY; without even the implied warranty of
	314	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	315	GNU General Public License for more details.
	316
	317	You should have received a copy of the GNU General Public License
	318	along with this program. If not, see http://www.gnu.org/licenses/.
	319
	320	@licend The above is the entire license notice
	321	for the JavaScript code in this page.
	322	*/
	323	var _paq = _paq \|\| [];
	324	_paq.push(["setDocumentTitle", document.domain + "/" + document.title]);
	325	_paq.push(["setCookieDomain", "*.www.fsf.org"]);
	326	_paq.push(["setDomains", [".www.fsf.org",".www.fsf.org"]]);
	327	_paq.push(["trackPageView"]);
	328	_paq.push(["enableLinkTracking"]);
	329
	330	(function() {
	331	var u=(("https:" == document.location.protocol) ? "https" : "http") + "://piwik.fsf.org/";
	332	_paq.push(["setTrackerUrl", u+"piwik.php"]);
	333	_paq.push(["setSiteId", "5"]);
	334	var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript";
	335	g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s);
	336	})();
	337	</script>
	338	<!-- End Piwik Code -->
8f2f9359 ZR	339	</body>
8f2f9359 ZR	340	</html>