1 # SOME DESCRIPTIVE TITLE
2 # Copyright (C) YEAR Free Software Foundation, Inc.
3 # This file is distributed under the same license as the emailselfdefense package.
4 # FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
9 "Project-Id-Version: emailselfdefense ersion\n"
10 "POT-Creation-Date: 2019-04-19 17:48+0200\n"
11 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
12 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13 "Language-Team: LANGUAGE <LL@li.org>\n"
16 "Content-Type: text/plain; charset=UTF-8\n"
17 "Content-Transfer-Encoding: 8bit\n"
19 #. type: Attribute 'lang' of: <html>
23 #. type: Attribute 'content' of: <html><head><meta>
24 msgid "text/html; charset=utf-8"
27 #. type: Content of: <html><head><title>
28 msgid "Email Self-Defense - a guide to fighting surveillance with GnuPG encryption"
31 #. type: Attribute 'content' of: <html><head><meta>
32 msgid "GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail"
35 #. type: Attribute 'content' of: <html><head><meta>
37 "Email surveillance violates our fundamental rights and makes free speech "
38 "risky. This guide will teach you email self-defense in 40 minutes with "
42 #. type: Attribute 'content' of: <html><head><meta>
43 msgid "width=device-width, initial-scale=1"
46 #. type: Content of: <html><body><header><div><p>
48 "<strong>Please check your email for a confirmation link now. Thanks for "
49 "joining our list!</strong>"
52 #. type: Content of: <html><body><header><div><p>
54 "If you don't receive the confirmation link, send us an email at info@fsf.org "
55 "to be added manually."
58 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
62 #. type: Content of: <html><body><header><div><p>
63 msgid "Join us on microblogging services for day-to-day updates:"
66 #. type: Content of: <html><body><section><div><div><div><p><a>
67 msgid "<a href=\"https://status.fsf.org/fsf\">"
70 #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img>
74 #. type: Content of: <html><body><section><div><div><div><p><a>
75 msgid " GNU Social</a> | <a href=\"http://microca.st/fsf\">"
78 #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img>
82 #. type: Content of: <html><body><section><div><div><div><p>
84 " Pump.io</a> | <a "
85 "href=\"https://www.twitter.com/fsf\">Twitter</a>"
88 #. type: Content of: <html><body><header><div><p>
90 "<small><a href=\"https://www.fsf.org/twitter\">Read why GNU Social and "
91 "Pump.io are better than Twitter.</a></small>"
94 #. type: Content of: <html><body><header><div><p>
95 msgid "← Return to <a href=\"index.html\">Email Self-Defense</a>"
98 #. type: Content of: <html><body><footer><div><div><h4><a>
99 msgid "<a href=\"https://u.fsf.org/ys\">"
102 #. type: Attribute 'alt' of: <html><body><footer><div><div><h4><a><img>
103 msgid "Free Software Foundation"
106 #. type: Content of: <html><body><footer><div><p>
110 #. type: Content of: <html><body><footer><div><div><p>
112 "Copyright © 2014-2016 <a href=\"https://u.fsf.org/ys\">Free Software "
113 "Foundation</a>, Inc. <a "
114 "href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy "
115 "Policy</a>. Please support our work by <a "
116 "href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>"
119 #. type: Content of: <html><body><footer><div><div><p>
121 "The images on this page are under a <a "
122 "href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons "
123 "Attribution 4.0 license (or later version)</a>, and the rest of it is under "
124 "a <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative "
125 "Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download "
127 "href=\"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> "
128 "source code of Edward reply bot</a> by Andrew Engelbrecht "
129 "<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, "
130 "available under the GNU Affero General Public License. <a "
131 "href=\"http://www.gnu.org/licenses/license-list.html#OtherLicenses\">Why "
132 "these licenses?</a>"
135 #. type: Content of: <html><body><footer><div><div><p>
137 "Fonts used in the guide & infographic: <a "
138 "href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo "
140 "href=\"http://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna "
142 "href=\"http://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo "
143 "Narrow</a> by Omnibus-Type, <a "
144 "href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> "
148 #. type: Content of: <html><body><footer><div><div><p>
150 "Download the <a href=\"emailselfdefense_source.zip\">source package</a> for "
151 "this guide, including fonts, image source files and the text of Edward's "
155 #. type: Content of: <html><body><footer><div><div><p>
157 "This site uses the Weblabels standard for labeling <a "
158 "href=\"https://www.fsf.org/campaigns/freejs\">free JavaScript</a>. View the "
159 "JavaScript <a href=\"//weblabels.fsf.org/emailselfdefense.fsf.org/\" "
160 "rel=\"jslicense\">source code and license information</a>."
163 #. type: Content of: <html><body><footer><div><p><a>
165 "Infographic and guide design by <a rel=\"external\" "
166 "href=\"http://jplusplus.org\"><strong>Journalism++</strong>"
169 #. type: Attribute 'alt' of: <html><body><footer><div><p><a><img>
173 #. type: Content of: <html><body><header><div><h1>
174 msgid "Email Self-Defense"
177 #. type: Content of: <html><body><header><div><ul><li>
178 msgid "<a class=\"current\" href=\"/en\">English - v4.0</a>"
181 #. type: Content of: <html><body><header><div><ul><li>
182 msgid "<a href=\"/ar\">العربية <span class=\"tip\">tip</span></a>"
185 #. type: Content of: <html><body><header><div><ul><li>
186 msgid "<a href=\"/cs\">čeština - v4.0</a>"
189 #. type: Content of: <html><body><header><div><ul><li>
190 msgid "<a href=\"/de\">Deutsch - v4.0</a>"
193 #. type: Content of: <html><body><header><div><ul><li>
194 msgid "<a href=\"/el\">ελληνικά - v3.0</a>"
197 #. type: Content of: <html><body><header><div><ul><li>
198 msgid "<a href=\"/es\">español - v4.0</a>"
201 #. type: Content of: <html><body><header><div><ul><li>
202 msgid "<a href=\"/fa\">فارسی - v4.0</a>"
205 #. type: Content of: <html><body><header><div><ul><li>
206 msgid "<a href=\"/fr\">français - v4.0</a>"
209 #. type: Content of: <html><body><header><div><ul><li>
210 msgid "<a href=\"/it\">italiano - v3.0</a>"
213 #. type: Content of: <html><body><header><div><ul><li>
214 msgid "<a href=\"/ja\">日本語 - v4.0</a>"
217 #. type: Content of: <html><body><header><div><ul><li>
218 msgid "<a href=\"/ko\">한국어 <span class=\"tip\">tip</span></a>"
221 #. type: Content of: <html><body><header><div><ul><li>
222 msgid "<a href=\"/ml\">മലയാളം <span class=\"tip\">tip</span></a>"
225 #. type: Content of: <html><body><header><div><ul><li>
226 msgid "<a href=\"/pt-br\">português do Brasil - v3.0</a>"
229 #. type: Content of: <html><body><header><div><ul><li>
230 msgid "<a href=\"/ro\">română - v3.0</a>"
233 #. type: Content of: <html><body><header><div><ul><li>
234 msgid "<a href=\"/ru\">русский - v4.0</a>"
237 #. type: Content of: <html><body><header><div><ul><li>
238 msgid "<a href=\"/sq\">Shqip - v4.0</a>"
241 #. type: Content of: <html><body><header><div><ul><li>
242 msgid "<a href=\"/sv\">svenska - v4.0</a>"
245 #. type: Content of: <html><body><header><div><ul><li>
246 msgid "<a href=\"/tr\">Türkçe - v4.0</a>"
249 #. type: Content of: <html><body><header><div><ul><li>
250 msgid "<a href=\"/zh-hans\">简体中文 - v4.0</a>"
253 #. type: Content of: <html><body><header><div><ul><li>
255 "<a href=\"https://libreplanet.org/wiki/GPG_guide/Translation_Guide\"> "
256 "<strong><span style=\"color: #2F5FAA;\">Translate!</span></strong></a>"
259 #. type: Content of: <html><body><header><div><ul><li>
260 msgid "<a href=\"index.html\" class=\"current\">GNU/Linux</a>"
263 #. type: Content of: <html><body><header><div><ul><li>
264 msgid "<a href=\"mac.html\">Mac OS</a>"
267 #. type: Content of: <html><body><header><div><ul><li>
268 msgid "<a href=\"windows.html\">Windows</a>"
271 #. type: Content of: <html><body><header><div><ul><li>
272 msgid "<a href=\"workshops.html\">Teach your friends</a>"
275 #. type: Content of: <html><body><header><div><ul><li><a>
277 "<a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email "
278 "encryption for everyone via %40fsf\"> Share "
281 #. type: Content of: <html><body><header><div><ul><li><a>
285 #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img>
289 #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img>
290 msgid "[Hacker News]"
293 #. type: Content of: <html><body><header><div><div><h3><a>
294 msgid "<a href=\"http://u.fsf.org/ys\">"
297 #. type: Content of: <html><body><header><div><div><div><p>
299 "We fight for computer users' rights, and promote the development of free (as "
300 "in freedom) software. Resisting bulk surveillance is very important to us."
303 #. type: Content of: <html><body><header><div><div><div><p>
305 "<strong>Please donate to support Email Self-Defense. We need to keep "
306 "improving it, and making more materials, for the benefit of people around "
307 "the world taking the first step towards protecting their privacy.</strong>"
310 #. type: Content of: <html><body><header><div><div><p><a>
313 "href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate\">"
316 #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img>
320 #. type: Content of: <html><body><header><div><div><p><a>
321 msgid "<a id=\"infographic\" href=\"infographic.html\">"
324 #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img>
325 msgid "View & share our infographic →"
328 #. type: Content of: <html><body><header><div><div><p>
330 "</a> Bulk surveillance violates our fundamental rights and makes free speech "
331 "risky. This guide will teach you a basic surveillance self-defense skill: "
332 "email encryption. Once you've finished, you'll be able to send and receive "
333 "emails that are scrambled to make sure a surveillance agent or thief "
334 "intercepting your email can't read them. All you need is a computer with an "
335 "Internet connection, an email account, and about forty minutes."
338 #. type: Content of: <html><body><header><div><div><p>
340 "Even if you have nothing to hide, using encryption helps protect the privacy "
341 "of people you communicate with, and makes life difficult for bulk "
342 "surveillance systems. If you do have something important to hide, you're in "
343 "good company; these are the same tools that whistleblowers use to protect "
344 "their identities while shining light on human rights abuses, corruption and "
348 #. type: Content of: <html><body><header><div><div><p>
350 "In addition to using encryption, standing up to surveillance requires "
351 "fighting politically for a <a "
352 "href=\"http://gnu.org/philosophy/surveillance-vs-democracy.html\">reduction "
353 "in the amount of data collected on us</a>, but the essential first step is "
354 "to protect yourself and make surveillance of your communication as difficult "
355 "as possible. This guide helps you do that. It is designed for beginners, but "
356 "if you already know the basics of GnuPG or are an experienced free software "
357 "user, you'll enjoy the advanced tips and the <a "
358 "href=\"workshops.html\">guide to teaching your friends</a>."
361 #. type: Content of: <html><body><section><div><div><h2>
362 msgid "<em>#1</em> Get the pieces"
365 #. type: Content of: <html><body><section><div><div><p>
367 "This guide relies on software which is <a "
368 "href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; "
369 "it's completely transparent and anyone can copy it or make their own "
370 "version. This makes it safer from surveillance than proprietary software "
371 "(like Windows). Learn more about free software at <a "
372 "href=\"https://u.fsf.org/ys\">fsf.org</a>."
375 #. type: Content of: <html><body><section><div><div><p>
377 "Most GNU/Linux operating systems come with GnuPG installed on them, so you "
378 "don't have to download it. Before configuring GnuPG though, you'll need the "
379 "IceDove desktop email program installed on your computer. Most GNU/Linux "
380 "distributions have IceDove installed already, though it may be under the "
381 "alternate name \"Thunderbird.\" Email programs are another way to access the "
382 "same email accounts you can access in a browser (like Gmail), but provide "
386 #. type: Content of: <html><body><section><div><div><p>
388 "If you already have an email program, you can skip to <a "
389 "href=\"#step-1b\">Step 1.b</a>."
392 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
393 msgid "Step 1.A: Install Wizard"
396 #. type: Content of: <html><body><section><div><div><div><h3>
397 msgid "<em>Step 1.a</em> Set up your email program with your email account"
400 #. type: Content of: <html><body><section><div><div><div><p>
402 "Open your email program and follow the wizard (step-by-step walkthrough) "
403 "that sets it up with your email account."
406 #. type: Content of: <html><body><section><div><div><div><p>
408 "Look for the letters SSL, TLS, or STARTTLS to the right of the servers when "
409 "you're setting up your account. If you don't see them, you will still be "
410 "able to use encryption, but this means that the people running your email "
411 "system are running behind the industry standard in protecting your security "
412 "and privacy. We recommend that you send them a friendly email asking them to "
413 "enable SSL, TLS, or STARTTLS for your email server. They will know what "
414 "you're talking about, so it's worth making the request even if you aren't an "
415 "expert on these security systems."
418 #. type: Content of: <html><body><section><div><div><div><div><h4>
419 msgid "Troubleshooting"
422 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
423 msgid "The wizard doesn't launch"
426 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
428 "You can launch the wizard yourself, but the menu option for doing so is "
429 "named differently in each email program. The button to launch it will be in "
430 "the program's main menu, under \"New\" or something similar, titled "
431 "something like \"Add account\" or \"New/Existing email account.\""
434 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
435 msgid "The wizard can't find my account or isn't downloading my mail"
438 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
440 "Before searching the Web, we recommend you start by asking other people who "
441 "use your email system, to figure out the correct settings."
444 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
445 msgid "Don't see a solution to your problem?"
448 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
450 "Please let us know on the <a "
451 "href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">feedback "
455 #. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img>
456 msgid "Step 1.B: Tools -> Add-ons"
459 #. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img>
460 msgid "Step 1.B: Search Add-ons"
463 #. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img>
464 msgid "Step 1.B: Install Add-ons"
467 #. type: Content of: <html><body><section><div><div><div><h3>
468 msgid "<em>Step 1.b</em> Install the Enigmail plugin for your email program"
471 #. type: Content of: <html><body><section><div><div><div><p>
473 "In your email program's menu, select Add-ons (it may be in the Tools "
474 "section). Make sure Extensions is selected on the left. Do you see Enigmail? "
475 "Make sure it's the latest version. If so, skip this step."
478 #. type: Content of: <html><body><section><div><div><div><p>
480 "If not, search \"Enigmail\" with the search bar in the upper right. You can "
481 "take it from here. Restart your email program when you're done."
484 #. type: Content of: <html><body><section><div><div><div><p>
486 "There are major security flaws in versions of GnuPG prior to 2.2.8, and "
487 "Enigmail prior to 2.0.7. Make sure you have GnuPG 2.2.8 and Enigmail 2.0.7, "
491 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
492 msgid "I can't find the menu."
495 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
497 "In many new email programs, the main menu is represented by an image of "
498 "three stacked horizontal bars."
501 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
502 msgid "My email looks weird"
505 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
507 "Enigmail doesn't tend to play nice with HTML, which is used to format "
508 "emails, so it may disable your HTML formatting automatically. To send an "
509 "HTML-formatted email without encryption or a signature, hold down the Shift "
510 "key when you select compose. You can then write an email as if Enigmail "
514 #. type: Content of: <html><body><section><div><div><h2>
515 msgid "<em>#2</em> Make your keys"
518 #. type: Content of: <html><body><section><div><div><p>
520 "To use the GnuPG system, you'll need a public key and a private key (known "
521 "together as a keypair). Each is a long string of randomly generated numbers "
522 "and letters that are unique to you. Your public and private keys are linked "
523 "together by a special mathematical function."
526 #. type: Content of: <html><body><section><div><div><p>
528 "Your public key isn't like a physical key, because it's stored in the open "
529 "in an online directory called a keyserver. People download it and use it, "
530 "along with GnuPG, to encrypt emails they send to you. You can think of the "
531 "keyserver as a phonebook; people who want to send you encrypted email can "
532 "look up your public key."
535 #. type: Content of: <html><body><section><div><div><p>
537 "Your private key is more like a physical key, because you keep it to "
538 "yourself (on your computer). You use GnuPG and your private key together to "
539 "descramble encrypted emails other people send to you. <span "
540 "style=\"font-weight: bold;\">You should never share you private key with "
541 "anyone, under any circumstances.</span>"
544 #. type: Content of: <html><body><section><div><div><p>
546 "In addition to encryption and decryption, you can also use these keys to "
547 "sign messages and check the authenticity of other people's signatures. We'll "
548 "discuss this more in the next section."
551 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
552 msgid "Step 2.A: Make a Keypair"
555 #. type: Content of: <html><body><section><div><div><div><h3>
556 msgid "<em>Step 2.a</em> Make a keypair"
559 #. type: Content of: <html><body><section><div><div><div><p>
561 "The Enigmail Setup wizard may start automatically. If it doesn't, select "
562 "Enigmail → Setup Wizard from your email program's menu. You don't need "
563 "to read the text in the window that pops up unless you'd like to, but it's "
564 "good to read the text on the later screens of the wizard. Click Next with "
565 "the default options selected, except in these instances, which are listed in "
566 "the order they appear:"
569 #. type: Content of: <html><body><section><div><div><div><ul><li>
571 "On the screen titled \"Encryption,\" select \"Encrypt all of my messages by "
572 "default, because privacy is critical to me.\""
575 #. type: Content of: <html><body><section><div><div><div><ul><li>
577 "On the screen titled \"Signing,\" select \"Don't sign my messages by "
581 #. type: Content of: <html><body><section><div><div><div><ul><li>
583 "On the screen titled \"Key Selection,\" select \"I want to create a new key "
584 "pair for signing and encrypting my email.\""
587 #. type: Content of: <html><body><section><div><div><div><ul><li>
589 "On the screen titled \"Create Key,\" pick a strong password! You can do it "
590 "manually, or you can use the Diceware method. Doing it manually is faster "
591 "but not as secure. Using Diceware takes longer and requires dice, but "
592 "creates a password that is much harder for attackers to figure out. To use "
593 "it, read the section \"Make a secure passphrase with Diceware\" in <a "
594 "href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\"> "
595 "this article</a> by Micah Lee."
598 #. type: Content of: <html><body><section><div><div><div><p>
600 "If you'd like to pick a password manually, come up with something you can "
601 "remember which is at least twelve characters long, and includes at least one "
602 "lower case and upper case letter and at least one number or punctuation "
603 "symbol. Never pick a password you've used elsewhere. Don't use any "
604 "recognizable patterns, such as birthdays, telephone numbers, pets' names, "
605 "song lyrics, quotes from books, and so on."
608 #. type: Content of: <html><body><section><div><div><div><p>
610 "The program will take a little while to finish the next step, the \"Key "
611 "Creation\" screen. While you wait, do something else with your computer, "
612 "like watching a movie or browsing the Web. The more you use the computer at "
613 "this point, the faster the key creation will go."
616 #. type: Content of: <html><body><section><div><div><div><p>
618 "<span style=\"font-weight: bold;\">When the \"Key Generation Completed\" "
619 "screen pops up, select Generate Certificate and choose to save it in a safe "
620 "place on your computer (we recommend making a folder called \"Revocation "
621 "Certificate\" in your home folder and keeping it there). This step is "
622 "essential for your email self-defense, as you'll learn more about in <a "
623 "href=\"#section5\">Section 5</a>.</span>"
626 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
627 msgid "I can't find the Enigmail menu."
630 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
632 "In many new email programs, the main menu is represented by an image of "
633 "three stacked horizontal bars. Enigmail may be inside a section called "
637 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
638 msgid "The wizard says that it cannot find GnuPG."
641 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
643 "Open whatever program you usually use for installing software, and search "
644 "for GnuPG, then install it. Then restart the Enigmail setup wizard by going "
645 "to Enigmail → Setup Wizard."
648 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
649 msgid "More resources"
652 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
654 "If you're having trouble with our instructions or just want to learn more, "
656 "href=\"https://enigmail.wiki/Key_Management#Generating_your_own_key_pair\"> "
657 "Enigmail's wiki instructions for key generation</a>."
660 #. type: Content of: <html><body><section><div><div><div><div><h4>
664 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
665 msgid "Command line key generation"
668 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
670 "If you prefer using the command line for a higher degree of control, you can "
671 "follow the documentation from <a "
672 "href=\"https://www.gnupg.org/gph/en/manual/c14.html#AEN25\">The GNU Privacy "
673 "Handbook</a>. Make sure you stick with \"RSA and RSA\" (the default), "
674 "because it's newer and more secure than the algorithms the documentation "
675 "recommends. Also make sure your key is at least 2048 bits, or 4096 if you "
676 "want to be extra secure."
679 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
680 msgid "Advanced key pairs"
683 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
685 "When GnuPG creates a new keypair, it compartmentalizes the encryption "
686 "function from the signing function through <a "
687 "href=\"https://wiki.debian.org/Subkeys\">subkeys</a>. If you use subkeys "
688 "carefully, you can keep your GnuPG identity much more secure and recover "
689 "from a compromised key much more quickly. <a "
690 "href=\"https://alexcabal.com/creating-the-perfect-gpg-keypair/\">Alex "
691 "Cabal</a> and <a href=\"http://keyring.debian.org/creating-key.html\">the "
692 "Debian wiki</a> provide good guides for setting up a secure subkey "
696 #. type: Content of: <html><body><section><div><div><div><h3>
697 msgid "<em>Step 2.b</em> Upload your public key to a keyserver"
700 #. type: Content of: <html><body><section><div><div><div><p>
701 msgid "In your email program's menu, select Enigmail → Key Management."
704 #. type: Content of: <html><body><section><div><div><div><p>
706 "Right click on your key and select Upload Public Keys to Keyserver. Use the "
707 "default keyserver in the popup."
710 #. type: Content of: <html><body><section><div><div><div><p>
712 "Now someone who wants to send you an encrypted message can download your "
713 "public key from the Internet. There are multiple keyservers that you can "
714 "select from the menu when you upload, but they are all copies of each other, "
715 "so it doesn't matter which one you use. However, it sometimes takes a few "
716 "hours for them to match each other when a new key is uploaded."
719 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
720 msgid "The progress bar never finishes"
723 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
725 "Close the upload popup, make sure you are connected to the Internet, and try "
726 "again. If that doesn't work, try again, selecting a different keyserver."
729 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
730 msgid "My key doesn't appear in the list"
733 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
734 msgid "Try checking \"Display All Keys by Default.\""
737 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
738 msgid "More documentation"
741 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
743 "If you're having trouble with our instructions or just want to learn more, "
744 "check out <a href=\"https://www.enigmail.net/index.php/en/documentation\"> "
745 "Enigmail's documentation</a>."
748 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
749 msgid "Uploading a key from the command line"
752 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
754 "You can also upload your keys to a keyserver through the <a "
755 "href=\"https://www.gnupg.org/gph/en/manual/x457.html\">command line</a>. <a "
756 "href=\"https://sks-keyservers.net/overview-of-pools.php\">The sks Web "
757 "site</a> maintains a list of highly interconnected keyservers. You can also "
758 "<a href=\"https://www.gnupg.org/gph/en/manual/x56.html#AEN64\">directly "
759 "export your key</a> as a file on your computer."
762 #. type: Content of: <html><body><section><div><div><div><h3>
763 msgid "GnuPG, OpenPGP, what?"
766 #. type: Content of: <html><body><section><div><div><div><p>
768 "In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are "
769 "used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the "
770 "encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) "
771 "is the program that implements the standard. Enigmail is a plug-in program "
772 "for your email program that provides an interface for GnuPG."
775 #. type: Content of: <html><body><section><div><div><h2>
776 msgid "<em>#3</em> Try it out!"
779 #. type: Content of: <html><body><section><div><div><p>
781 "Now you'll try a test correspondence with a computer program named Edward, "
782 "who knows how to use encryption. Except where noted, these are the same "
783 "steps you'd follow when corresponding with a real, live person."
786 #. type: Content of: <html><body><section><div><div><div><h3>
787 msgid "<em>Step 3.a</em> Send Edward your public key"
790 #. type: Content of: <html><body><section><div><div><div><p>
792 "This is a special step that you won't have to do when corresponding with "
793 "real people. In your email program's menu, go to Enigmail → Key "
794 "Management. You should see your key in the list that pops up. Right click on "
795 "your key and select Send Public Keys by Email. This will create a new draft "
796 "message, as if you had just hit the Write button."
799 #. type: Content of: <html><body><section><div><div><div><p>
801 "Address the message to <a "
802 "href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Put at least one "
803 "word (whatever you want) in the subject and body of the email. Don't send "
807 #. type: Content of: <html><body><section><div><div><div><p>
809 "The lock icon in the top left should be yellow, meaning encryption is turned "
810 "on. We want this first special message to be unencrypted, so click the icon "
811 "once to turn it off. The lock should become grey, with a blue dot on it (to "
812 "alert you that the setting has been changed from the default). Once "
813 "encryption is off, hit Send."
816 #. type: Content of: <html><body><section><div><div><div><p>
818 "It may take two or three minutes for Edward to respond. In the meantime, you "
819 "might want to skip ahead and check out the <a href=\"#section5\">Use it "
820 "Well</a> section of this guide. Once he's responded, head to the next "
821 "step. From here on, you'll be doing just the same thing as when "
822 "corresponding with a real person."
825 #. type: Content of: <html><body><section><div><div><div><p>
827 "When you open Edward's reply, GnuPG may prompt you for your password before "
828 "using your private key to decrypt it."
831 #. type: Content of: <html><body><section><div><div><div><h3>
832 msgid "<em>Step 3.b</em> Send a test encrypted email"
835 #. type: Content of: <html><body><section><div><div><div><p>
837 "Write a new email in your email program, addressed to <a "
838 "href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Make the subject "
839 "\"Encryption test\" or something similar and write something in the body."
842 #. type: Content of: <html><body><section><div><div><div><p>
844 "The lock icon in the top left of the window should be yellow, meaning "
845 "encryption is on. This will be your default from now on."
848 #. type: Content of: <html><body><section><div><div><div><p>
850 "Next to the lock, you'll notice an icon of a pencil. We'll get to this in a "
854 #. type: Content of: <html><body><section><div><div><div><p>
856 "Click Send. Enigmail will pop up a window that says \"Recipients not valid, "
857 "not trusted or not found.\""
860 #. type: Content of: <html><body><section><div><div><div><p>
862 "To encrypt an email to Edward, you need his public key, so now you'll have "
863 "Enigmail download it from a keyserver. Click Download Missing Keys and use "
864 "the default in the pop-up that asks you to choose a keyserver. Once it finds "
865 "keys, check the first one (Key ID starting with C), then select ok. Select "
866 "ok in the next pop-up."
869 #. type: Content of: <html><body><section><div><div><div><p>
871 "Now you are back at the \"Recipients not valid, not trusted or not found\" "
872 "screen. Check the box in front of Edward's key and click Send."
875 #. type: Content of: <html><body><section><div><div><div><p>
877 "Since you encrypted this email with Edward's public key, Edward's private "
878 "key is required to decrypt it. Edward is the only one with his private key, "
879 "so no one except him can decrypt it."
882 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
883 msgid "Enigmail can't find Edward's key"
886 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
888 "Close the pop-ups that have appeared since you clicked Send. Make sure you "
889 "are connected to the Internet and try again. If that doesn't work, repeat "
890 "the process, choosing a different keyserver when it asks you to pick one."
893 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
894 msgid "Unscrambled messages in the Sent folder"
897 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
899 "Even though you can't decrypt messages encrypted to someone else's key, your "
900 "email program will automatically save a copy encrypted to your public key, "
901 "which you'll be able to view from the Sent folder like a normal email. This "
902 "is normal, and it doesn't mean that your email was not sent encrypted."
905 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
907 "If you're still having trouble with our instructions or just want to learn "
908 "more, check out <a "
909 "href=\"https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message\"> "
910 "Enigmail's wiki</a>."
913 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
914 msgid "Encrypt messages from the command line"
917 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
919 "You can also encrypt and decrypt messages and files from the <a "
920 "href=\"https://www.gnupg.org/gph/en/manual/x110.html\">command line</a>, if "
921 "that's your preference. The option --armor makes the encrypted output appear "
922 "in the regular character set."
925 #. type: Content of: <html><body><section><div><div><div><h3>
926 msgid "<em>Important:</em> Security tips"
929 #. type: Content of: <html><body><section><div><div><div><p>
931 "Even if you encrypt your email, the subject line is not encrypted, so don't "
932 "put private information there. The sending and receiving addresses aren't "
933 "encrypted either, so a surveillance system can still figure out who you're "
934 "communicating with. Also, surveillance agents will know that you're using "
935 "GnuPG, even if they can't figure out what you're saying. When you send "
936 "attachments, Enigmail will give you the choice to encrypt them or not, "
937 "independent of the actual email."
940 #. type: Content of: <html><body><section><div><div><div><p>
942 "For greater security against potential attacks, you can turn off "
943 "HTML. Instead, you can render the message body as plain text. In order to do "
944 "this in Thunderbird, go to View > Message Body As > Plain Text."
947 #. type: Content of: <html><body><section><div><div><div><h3>
948 msgid "<em>Step 3.c</em> Receive a response"
951 #. type: Content of: <html><body><section><div><div><div><p>
953 "When Edward receives your email, he will use his private key to decrypt it, "
954 "then use your public key (which you sent him in <a href=\"#step-3a\">Step "
955 "3.A</a>) to encrypt his reply to you."
958 #. type: Content of: <html><body><section><div><div><div><p>
960 "It may take two or three minutes for Edward to respond. In the meantime, you "
961 "might want to skip ahead and check out the <a href=\"#section5\">Use it "
962 "Well</a> section of this guide."
965 #. type: Content of: <html><body><section><div><div><div><p>
967 "When you receive Edward's email and open it, Enigmail will automatically "
968 "detect that it is encrypted with your public key, and then it will use your "
969 "private key to decrypt it."
972 #. type: Content of: <html><body><section><div><div><div><p>
974 "Notice the bar that Enigmail shows you above the message, with information "
975 "about the status of Edward's key."
978 #. type: Content of: <html><body><section><div><div><div><h3>
979 msgid "<em>Step 3.d</em> Send a test signed email"
982 #. type: Content of: <html><body><section><div><div><div><p>
984 "GnuPG includes a way for you to sign messages and files, verifying that they "
985 "came from you and that they weren't tampered with along the way. These "
986 "signatures are stronger than their pen-and-paper cousins -- they're "
987 "impossible to forge, because they're impossible to create without your "
988 "private key (another reason to keep your private key safe)."
991 #. type: Content of: <html><body><section><div><div><div><p>
993 "You can sign messages to anyone, so it's a great way to make people aware "
994 "that you use GnuPG and that they can communicate with you securely. If they "
995 "don't have GnuPG, they will be able to read your message and see your "
996 "signature. If they do have GnuPG, they'll also be able to verify that your "
997 "signature is authentic."
1000 #. type: Content of: <html><body><section><div><div><div><p>
1002 "To sign an email to Edward, compose any message to him and click the pencil "
1003 "icon next to the lock icon so that it turns gold. If you sign a message, "
1004 "GnuPG may ask you for your password before it sends the message, because it "
1005 "needs to unlock your private key for signing."
1008 #. type: Content of: <html><body><section><div><div><div><p>
1010 "With the lock and pencil icons, you can choose whether each message will be "
1011 "encrypted, signed, both, or neither."
1014 #. type: Content of: <html><body><section><div><div><div><h3>
1015 msgid "<em>Step 3.e</em> Receive a response"
1018 #. type: Content of: <html><body><section><div><div><div><p>
1020 "When Edward receives your email, he will use your public key (which you sent "
1021 "him in <a href=\"#step-3a\">Step 3.A</a>) to verify that your signature is "
1022 "authentic and the message you sent has not been tampered with."
1025 #. type: Content of: <html><body><section><div><div><div><p>
1027 "Edward's reply will arrive encrypted, because he prefers to use encryption "
1028 "whenever possible. If everything goes according to plan, it should say "
1029 "\"Your signature was verified.\" If your test signed email was also "
1030 "encrypted, he will mention that first."
1033 #. type: Content of: <html><body><section><div><div><h2>
1034 msgid "<em>#4</em> Learn the Web of Trust"
1037 #. type: Content of: <html><body><section><div><div><p>
1039 "Email encryption is a powerful technology, but it has a weakness; it "
1040 "requires a way to verify that a person's public key is actually "
1041 "theirs. Otherwise, there would be no way to stop an attacker from making an "
1042 "email address with your friend's name, creating keys to go with it and "
1043 "impersonating your friend. That's why the free software programmers that "
1044 "developed email encryption created keysigning and the Web of Trust."
1047 #. type: Content of: <html><body><section><div><div><p>
1049 "When you sign someone's key, you are publicly saying that you've verified "
1050 "that it belongs to them and not someone else."
1053 #. type: Content of: <html><body><section><div><div><p>
1055 "Signing keys and signing messages use the same type of mathematical "
1056 "operation, but they carry very different implications. It's a good practice "
1057 "to generally sign your email, but if you casually sign people's keys, you "
1058 "may accidently end up vouching for the identity of an imposter."
1061 #. type: Content of: <html><body><section><div><div><p>
1063 "People who use your public key can see who has signed it. Once you've used "
1064 "GnuPG for a long time, your key may have hundreds of signatures. You can "
1065 "consider a key to be more trustworthy if it has many signatures from people "
1066 "that you trust. The Web of Trust is a constellation of GnuPG users, "
1067 "connected to each other by chains of trust expressed through signatures."
1070 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
1071 msgid "Section 4: Web of Trust"
1074 #. type: Content of: <html><body><section><div><div><div><h3>
1075 msgid "<em>Step 4.a</em> Sign a key"
1078 #. type: Content of: <html><body><section><div><div><div><p>
1079 msgid "In your email program's menu, go to Enigmail → Key Management."
1082 #. type: Content of: <html><body><section><div><div><div><p>
1084 "Right click on Edward's public key and select Sign Key from the context "
1088 #. type: Content of: <html><body><section><div><div><div><p>
1089 msgid "In the window that pops up, select \"I will not answer\" and click ok."
1092 #. type: Content of: <html><body><section><div><div><div><p>
1094 "Now you should be back at the Key Management menu. Select Keyserver → "
1095 "Upload Public Keys and hit ok."
1098 #. type: Content of: <html><body><section><div><div><div><p>
1100 "You've just effectively said \"I trust that Edward's public key actually "
1101 "belongs to Edward.\" This doesn't mean much because Edward isn't a real "
1102 "person, but it's good practice."
1105 #. type: Content of: <html><body><section><div><div><div><h3>
1106 msgid "Identifying keys: Fingerprints and IDs"
1109 #. type: Content of: <html><body><section><div><div><div><p>
1111 "People's public keys are usually identified by their key fingerprint, which "
1112 "is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for "
1113 "Edward's key). You can see the fingerprint for your public key, and other "
1114 "public keys saved on your computer, by going to Enigmail → Key "
1115 "Management in your email program's menu, then right clicking on the key and "
1116 "choosing Key Properties. It's good practice to share your fingerprint "
1117 "wherever you share your email address, so that people can double-check that "
1118 "they have the correct public key when they download yours from a keyserver."
1121 #. type: Content of: <html><body><section><div><div><div><p>
1123 "You may also see public keys referred to by a shorter key ID. This key ID is "
1124 "visible directly from the Key Management window. These eight character key "
1125 "IDs were previously used for identification, which used to be safe, but is "
1126 "no longer reliable. You need to check the full fingerprint as part of "
1127 "verifying you have the correct key for the person you are trying to "
1128 "contact. Spoofing, in which someone intentionally generates a key with a "
1129 "fingerprint whose final eight characters are the same as another, is "
1130 "unfortunately common."
1133 #. type: Content of: <html><body><section><div><div><div><h3>
1134 msgid "<em>Important:</em> What to consider when signing keys"
1137 #. type: Content of: <html><body><section><div><div><div><p>
1139 "Before signing a person's key, you need to be confident that it actually "
1140 "belongs to them, and that they are who they say they are. Ideally, this "
1141 "confidence comes from having interactions and conversations with them over "
1142 "time, and witnessing interactions between them and others. Whenever signing "
1143 "a key, ask to see the full public key fingerprint, and not just the shorter "
1144 "key ID. If you feel it's important to sign the key of someone you've just "
1145 "met, also ask them to show you their government identification, and make "
1146 "sure the name on the ID matches the name on the public key. In Enigmail, "
1147 "answer honestly in the window that pops up and asks \"How carefully have you "
1148 "verified that the key you are about to sign actually belongs to the "
1149 "person(s) named above?\""
1152 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
1153 msgid "Master the Web of Trust"
1156 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
1158 "Unfortunately, trust does not spread between users the way <a "
1159 "href=\"http://fennetic.net/irc/finney.org/~hal/web_of_trust.html\">many "
1160 "people think</a>. One of best ways to strengthen the GnuPG community is to "
1162 "href=\"https://www.gnupg.org/gph/en/manual/x334.html\">understand</a> the "
1163 "Web of Trust and to carefully sign as many people's keys as circumstances "
1167 #. type: Content of: <html><body><section><div><div><div><div><dl><dt>
1168 msgid "Set ownertrust"
1171 #. type: Content of: <html><body><section><div><div><div><div><dl><dd>
1173 "If you trust someone enough to validate other people's keys, you can assign "
1174 "them an ownertrust level through Enigmails's key management window. Right "
1175 "click on the other person's key, go to the \"Select Owner Trust\" menu "
1176 "option, select the trustlevel and click OK. Only do this once you feel you "
1177 "have a deep understanding of the Web of Trust."
1180 #. type: Content of: <html><body><section><div><div><h2>
1181 msgid "<em>#5</em> Use it well"
1184 #. type: Content of: <html><body><section><div><div><p>
1186 "Everyone uses GnuPG a little differently, but it's important to follow some "
1187 "basic practices to keep your email secure. Not following them, you risk the "
1188 "privacy of the people you communicate with, as well as your own, and damage "
1192 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
1193 msgid "Section 5: Use it Well (1)"
1196 #. type: Content of: <html><body><section><div><div><div><h3>
1197 msgid "When should I encrypt? When should I sign?"
1200 #. type: Content of: <html><body><section><div><div><div><p>
1202 "The more you can encrypt your messages, the better. If you only encrypt "
1203 "emails occasionally, each encrypted message could raise a red flag for "
1204 "surveillance systems. If all or most of your email is encrypted, people "
1205 "doing surveillance won't know where to start. That's not to say that only "
1206 "encrypting some of your email isn't helpful -- it's a great start and it "
1207 "makes bulk surveillance more difficult."
1210 #. type: Content of: <html><body><section><div><div><div><p>
1212 "Unless you don't want to reveal your own identity (which requires other "
1213 "protective measures), there's no reason not to sign every message, whether "
1214 "or not you are encrypting. In addition to allowing those with GnuPG to "
1215 "verify that the message came from you, signing is a non-intrusive way to "
1216 "remind everyone that you use GnuPG and show support for secure "
1217 "communication. If you often send signed messages to people that aren't "
1218 "familiar with GnuPG, it's nice to also include a link to this guide in your "
1219 "standard email signature (the text kind, not the cryptographic kind)."
1222 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
1223 msgid "Section 5: Use it Well (2)"
1226 #. type: Content of: <html><body><section><div><div><div><h3>
1227 msgid "Be wary of invalid keys"
1230 #. type: Content of: <html><body><section><div><div><div><p>
1232 "GnuPG makes email safer, but it's still important to watch out for invalid "
1233 "keys, which might have fallen into the wrong hands. Email encrypted with "
1234 "invalid keys might be readable by surveillance programs."
1237 #. type: Content of: <html><body><section><div><div><div><p>
1239 "In your email program, go back to the first encrypted email that Edward sent "
1240 "you. Because Edward encrypted it with your public key, it will have a "
1241 "message from Enigmail at the top, which most likely says \"Enigmail: Part of "
1242 "this message encrypted.\""
1245 #. type: Content of: <html><body><section><div><div><div><p>
1247 "<b>When using GnuPG, make a habit of glancing at that bar. The program will "
1248 "warn you there if you get an email signed with a key that can't be "
1252 #. type: Content of: <html><body><section><div><div><div><h3>
1253 msgid "Copy your revocation certificate to somewhere safe"
1256 #. type: Content of: <html><body><section><div><div><div><p>
1258 "Remember when you created your keys and saved the revocation certificate "
1259 "that GnuPG made? It's time to copy that certificate onto the safest digital "
1260 "storage that you have -- the ideal thing is a flash drive, disk, or hard "
1261 "drive stored in a safe place in your home, not on a device you carry with "
1265 #. type: Content of: <html><body><section><div><div><div><p>
1267 "If your private key ever gets lost or stolen, you'll need this certificate "
1268 "file to let people know that you are no longer using that keypair."
1271 #. type: Content of: <html><body><section><div><div><div><h3>
1272 msgid "<em>Important:</em> act swiftly if someone gets your private key"
1275 #. type: Content of: <html><body><section><div><div><div><p>
1277 "If you lose your private key or someone else gets ahold of it (say, by "
1278 "stealing or cracking your computer), it's important to revoke it immediately "
1279 "before someone else uses it to read your encrypted email or forge your "
1280 "signature. This guide doesn't cover how to revoke a key, but you can follow "
1282 "href=\"https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/\">instructions</a>. "
1283 "After you're done revoking, make a new key and send an email to everyone "
1284 "with whom you usually use your key to make sure they know, including a copy "
1288 #. type: Content of: <html><body><section><div><div><div><h3>
1289 msgid "Webmail and GnuPG"
1292 #. type: Content of: <html><body><section><div><div><div><p>
1294 "When you use a web browser to access your email, you're using webmail, an "
1295 "email program stored on a distant website. Unlike webmail, your desktop "
1296 "email program runs on your own computer. Although webmail can't decrypt "
1297 "encrypted email, it will still display it in its encrypted form. If you "
1298 "primarily use webmail, you'll know to open your email client when you "
1299 "receive a scrambled email."
1302 #. type: Content of: <html><body><section><div><div><h2>
1303 msgid "<a href=\"next_steps.html\">Great job! Check out the next steps.</a>"
1306 #. type: Content of: <html><body><header><div><p>
1307 msgid "← Read the <a href=\"index.html\">full guide</a>"
1310 #. type: Content of: <html><body><header><div><h3><a>
1313 "href=\"https://fsf.org/share?u=https://u.fsf.org/zc&t=How public-key "
1314 "encryption works. Infographic via %40fsf\">"
1317 #. type: Content of: <html><body><header><div><h3>
1318 msgid " Share our infographic </a> with the hashtag #EmailSelfDefense"
1321 #. type: Attribute 'alt' of: <html><body><header><div><p><img>
1322 msgid "View & share our infographic"
1325 #. type: Content of: <html><body><header><div><ul><li>
1326 msgid "<a href=\"index.html\">GNU/Linux</a>"
1329 #. type: Content of: <html><body><header><div><ul><li>
1330 msgid "<a href=\"mac.html\" class=\"current\">Mac OS</a>"
1333 #. type: Content of: <html><body><section><div><div><p>
1335 "This guide relies on software which is <a "
1336 "href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; "
1337 "it's completely transparent and anyone can copy it or make their own "
1338 "version. This makes it safer from surveillance than proprietary software "
1339 "(like Windows or Mac OS). To defend your freedom as well as protect yourself "
1340 "from surveillance, we recommend you switch to a free software operating "
1341 "system like GNU/Linux. Learn more about free software at <a "
1342 "href=\"https://u.fsf.org/ys\">fsf.org</a>."
1345 #. type: Content of: <html><body><section><div><div><p>
1347 "To get started, you'll need the IceDove desktop email program installed on "
1348 "your computer. For your system, IceDove may be known by the alternate name "
1349 "\"Thunderbird.\" Email programs are another way to access the same email "
1350 "accounts you can access in a browser (like Gmail), but provide extra "
1354 #. type: Content of: <html><body><section><div><div><div><h3>
1355 msgid "<em>Step 1.b</em> Get GnuPG by downloading GPGTools"
1358 #. type: Content of: <html><body><section><div><div><div><p>
1360 "GPGTools is a software package that includes GnuPG. <a "
1361 "href=\"https://gpgtools.org/#gpgsuite\">Download</a> and install it, "
1362 "choosing default options whenever asked. After it's installed, you can close "
1363 "any windows that it creates."
1366 #. type: Content of: <html><body><section><div><div><div><p>
1368 "There are major security flaws in versions of GnuPG provided by GPGTools "
1369 "prior to 2018.3. Make sure you have GPGTools 2018.3 or later."
1372 #. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img>
1373 msgid "Step 1.C: Tools -> Add-ons"
1376 #. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img>
1377 msgid "Step 1.C: Search Add-ons"
1380 #. type: Attribute 'alt' of: <html><body><section><div><div><div><ul><li><img>
1381 msgid "Step 1.C: Install Add-ons"
1384 #. type: Content of: <html><body><section><div><div><div><h3>
1385 msgid "<em>Step 1.c</em> Install the Enigmail plugin for your email program"
1388 #. type: Content of: <html><body><section><div><div><div><p>
1390 "There are major security flaws in Enigmail prior to version 2.0.7. Make sure "
1391 "you have Enigmail 2.0.7 or later."
1394 #. type: Content of: <html><body><section><div><div><div><p>
1396 "For greater security against potential attacks, you can turn off "
1397 "HTML. Instead, you can render the message body as plain text."
1400 #. type: Content of: <html><body><header><div><h1>
1404 #. type: Content of: <html><body><section><div><div><h2>
1405 msgid "<em>#6</em> Next steps"
1408 #. type: Content of: <html><body><section><div><div><p>
1410 "You've now completed the basics of email encryption with GnuPG, taking "
1411 "action against bulk surveillance. These next steps will help make the most "
1412 "of the work you've done."
1415 #. type: Content of: <html><body><section><div><div><div><h3>
1416 msgid "Join the movement"
1419 #. type: Content of: <html><body><section><div><div><div><p>
1421 "You've just taken a huge step towards protecting your privacy online. But "
1422 "each of us acting alone isn't enough. To topple bulk surveillance, we need "
1423 "to build a movement for the autonomy and freedom of all computer users. Join "
1424 "the Free Software Foundation's community to meet like-minded people and work "
1425 "together for change."
1428 #. type: Content of: <html><body><section><div><div><div><p>
1430 "<small>Read <a href=\"https://www.fsf.org/twitter\">why GNU Social and "
1431 "Pump.io are better than Twitter</a>, and <a "
1432 "href=\"http://www.fsf.org/facebook\">why we don't use Facebook</a>.</small>"
1435 #. type: Content of: <html><body><section><div><div><div><div><p>
1436 msgid "Low-volume mailing list"
1439 #. type: Content of: <html><body><section><div><div><div><div><form>
1441 "<input type=\"text\" value=\"Type your email...\" name=\"email-Primary\" "
1442 "id=\"frmEmail\" /> <input type=\"submit\" value=\"Add me\" "
1443 "name=\"_qf_Edit_next\" /> <input type=\"hidden\" "
1444 "value=\"https://emailselfdefense.fsf.org/en/confirmation.html\" "
1445 "name=\"postURL\" /> <input type=\"hidden\" value=\"1\" name=\"group[25]\" /> "
1446 "<input type=\"hidden\" "
1447 "value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=391\" "
1448 "name=\"cancelURL\" /> <input type=\"hidden\" value=\"Edit:cancel\" "
1449 "name=\"_qf_default\" />"
1452 #. type: Content of: <html><body><section><div><div><div><div><p>
1454 "<small>Read our <a "
1455 "href=\"https://my.fsf.org/donate/privacypolicy.html\">privacy "
1456 "policy</a>.</small>"
1459 #. type: Content of: <html><body><section><div><div><div><h3>
1460 msgid "Bring Email Self-Defense to new people"
1463 #. type: Content of: <html><body><section><div><div><div><p>
1465 "Understanding and setting up email encryption is a daunting task for "
1466 "many. To welcome them, make it easy to find your public key and offer to "
1467 "help with encryption. Here are some suggestions:"
1470 #. type: Content of: <html><body><section><div><div><div><ul><li>
1472 "Lead an Email Self-Defense workshop for your friends and community, using "
1473 "our <a href=\"workshops.html\">teaching guide</a>."
1476 #. type: Content of: <html><body><section><div><div><div><ul><li>
1478 "Use <a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt "
1479 "with me using Email Self-Defense %40fsf\">our sharing page</a> to compose a "
1480 "message to a few friends and ask them to join you in using encrypted "
1481 "email. Remember to include your GnuPG public key fingerprint so they can "
1482 "easily download your key."
1485 #. type: Content of: <html><body><section><div><div><div><ul><li>
1487 "Add your public key fingerprint anywhere that you normally display your "
1488 "email address. Some good places are: your email signature (the text kind, "
1489 "not the cryptographic kind), social media profiles, blogs, Websites, or "
1490 "business cards. At the Free Software Foundation, we put ours on our <a "
1491 "href=\"https://fsf.org/about/staff\">staff page</a>."
1494 #. type: Content of: <html><body><section><div><div><div><h3>
1495 msgid "Protect more of your digital life"
1498 #. type: Content of: <html><body><section><div><div><div><p>
1500 "Learn surveillance-resistant technologies for instant messages, hard drive "
1501 "storage, online sharing, and more at <a "
1502 "href=\"https://directory.fsf.org/wiki/Collection:Privacy_pack\"> the Free "
1503 "Software Directory's Privacy Pack</a> and <a "
1504 "href=\"https://prism-break.org\">prism-break.org</a>."
1507 #. type: Content of: <html><body><section><div><div><div><p>
1509 "If you are using Windows, Mac OS or any other proprietary operating system, "
1510 "we recommend you switch to a free software operating system like "
1511 "GNU/Linux. This will make it much harder for attackers to enter your "
1512 "computer through hidden back doors. Check out the Free Software Foundation's "
1513 "<a href=\"http://www.gnu.org/distros/free-distros.html\">endorsed versions "
1517 #. type: Content of: <html><body><section><div><div><div><h3>
1518 msgid "Optional: Add more email protection with Tor"
1521 #. type: Content of: <html><body><section><div><div><div><p>
1523 "<a href=\"https://www.torproject.org/about/overview.html.en\">The Onion "
1524 "Router (Tor) network</a> wraps Internet communication in multiple layers of "
1525 "encryption and bounces it around the world several times. When used "
1526 "properly, Tor confuses surveillance field agents and the global surveillance "
1527 "apparatus alike. Using it simultaneously with GnuPG's encryption will give "
1528 "you the best results."
1531 #. type: Content of: <html><body><section><div><div><div><p>
1533 "To have your email program send and receive email over Tor, install the <a "
1534 "href=\"https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/\">Torbirdy "
1535 "plugin</a> the same way you installed Enigmail, by searching for it through "
1539 #. type: Content of: <html><body><section><div><div><div><p>
1541 "Before beginning to check your email over Tor, make sure you understand <a "
1542 "href=\"https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide\"> "
1543 "the security tradeoffs involved</a>. This <a "
1544 "href=\"https://www.eff.org/pages/tor-and-https\">infographic</a> from our "
1545 "friends at the Electronic Frontier Foundation demonstrates how Tor keeps you "
1549 #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img>
1550 msgid "Section 6: Next Steps"
1553 #. type: Content of: <html><body><section><div><div><div><p>
1554 msgid "← <a href=\"index.html\">Return to the guide</a>"
1557 #. type: Content of: <html><body><section><div><div><div><h3>
1558 msgid "Make Email Self-Defense tools even better"
1561 #. type: Content of: <html><body><section><div><div><div><p>
1563 "<a href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Leave "
1564 "feedback and suggest improvements to this guide</a>. We welcome "
1565 "translations, but we ask that you contact us at <a "
1566 "href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a> before you start, so "
1567 "that we can connect you with other translators working in your language."
1570 #. type: Content of: <html><body><section><div><div><div><p>
1572 "If you like programming, you can contribute code to <a "
1573 "href=\"https://www.gnupg.org/\">GnuPG</a> or <a "
1574 "href=\"https://www.enigmail.net/home/index.php\">Enigmail</a>."
1577 #. type: Content of: <html><body><section><div><div><div><p>
1579 "To go the extra mile, support the Free Software Foundation so we can keep "
1580 "improving Email Self-Defense, and make more tools like it."
1583 #. type: Content of: <html><body><header><div><ul><li>
1584 msgid "<a href=\"windows.html\" class=\"current\">Windows</a>"
1587 #. type: Content of: <html><body><section><div><div><div><h3>
1588 msgid "<em>Step 1.b</em> Get GnuPG by downloading GPG4Win"
1591 #. type: Content of: <html><body><section><div><div><div><p>
1593 "GPG4Win is a software package that includes GnuPG. <a "
1594 "href=\"https://www.gpg4win.org/\">Download</a> and install it, choosing "
1595 "default options whenever asked. After it's installed, you can close any "
1596 "windows that it creates."
1599 #. type: Content of: <html><body><section><div><div><div><p>
1601 "There are major security flaws in versions of GnuPG provided by GPG4Win "
1602 "prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later."
1605 #. type: Content of: <html><head><title>
1606 msgid "Email Self-Defense - Teach your friends!"
1609 #. type: Content of: <html><body><header><div><ul><li>
1610 msgid "<a href=\"workshops.html\" class=\"current\">Teach your friends</a>"
1613 #. type: Content of: <html><body><header><div><ul><li><a>
1615 "<a href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email "
1616 "encryption for everyone via %40fsf\">Share "
1619 #. type: Content of: <html><body><header><div><div><div><p>
1621 "We want to translate this guide into more languages, and make a version for "
1622 "encryption on mobile devices. Please donate, and help people around the "
1623 "world take the first step towards protecting their privacy with free "
1627 #. type: Content of: <html><body><header><div><div><p><a>
1629 "<a id=\"infographic\" "
1630 "href=\"https://emailselfdefense.fsf.org/en/infographic.html\">"
1633 #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img>
1634 msgid "View & share our infographic →"
1637 #. type: Content of: <html><body><header><div><div><p>
1639 "</a> Understanding and setting up email encryption sounds like a daunting "
1640 "task to many people. That's why helping your friends with GnuPG plays such "
1641 "an important role in helping spread encryption. Even if only one person "
1642 "shows up, that's still one more person using encryption who wasn't "
1643 "before. You have the power to help your friends keep their digital love "
1644 "letters private, and teach them about the importance of free software. If "
1645 "you use GnuPG to send and receive encrypted email, you're a perfect "
1646 "candidate for leading a workshop!"
1649 #. type: Attribute 'alt' of: <html><body><section><div><div><p><img>
1650 msgid "A small workshop among friends"
1653 #. type: Content of: <html><body><section><div><div><h2>
1654 msgid "<em>#1</em> Get your friends or community interested"
1657 #. type: Content of: <html><body><section><div><div><p>
1659 "If you hear friends grumbling about their lack of privacy, ask them if "
1660 "they're interested in attending a workshop on Email Self-Defense. If your "
1661 "friends don't grumble about privacy, they may need some convincing. You "
1662 "might even hear the classic \"if you've got nothing to hide, you've got "
1663 "nothing to fear\" argument against using encryption."
1666 #. type: Content of: <html><body><section><div><div><p>
1668 "Here are some talking points you can use to help explain why it's worth it "
1669 "to learn GnuPG. Mix and match whichever you think will make sense to your "
1673 #. type: Content of: <html><body><section><div><div><div><h3>
1674 msgid "Strength in numbers"
1677 #. type: Content of: <html><body><section><div><div><div><p>
1679 "Each person who chooses to resist mass surveillance with encryption makes it "
1680 "easier for others to resist as well. People normalizing the use of strong "
1681 "encryption has multiple powerful effects: it means those who need privacy "
1682 "the most, like potential whistle-blowers and activists, are more likely to "
1683 "learn about encryption. More people using encryption for more things also "
1684 "makes it harder for surveillance systems to single out those that can't "
1685 "afford to be found, and shows solidarity with those people."
1688 #. type: Content of: <html><body><section><div><div><div><h3>
1689 msgid "People you respect may already be using encryption"
1692 #. type: Content of: <html><body><section><div><div><div><p>
1694 "Many journalists, whistleblowers, activists, and researchers use GnuPG, so "
1695 "your friends might unknowingly have heard of a few people who use it "
1696 "already. You can search for \"BEGIN PUBLIC KEY BLOCK\" + keyword to help "
1697 "make a list of people and organizations who use GnuPG whom your community "
1698 "will likely recognize."
1701 #. type: Content of: <html><body><section><div><div><div><h3>
1702 msgid "Respect your friends' privacy"
1705 #. type: Content of: <html><body><section><div><div><div><p>
1707 "There's no objective way to judge what constitutes privacy-sensitive "
1708 "correspondence. As such, it's better not to presume that just because you "
1709 "find an email you sent to a friend innocuous, your friend (or a surveillance "
1710 "agent, for that matter!) feels the same way. Show your friends respect by "
1711 "encrypting your correspondence with them."
1714 #. type: Content of: <html><body><section><div><div><div><h3>
1715 msgid "Privacy technology is normal in the physical world"
1718 #. type: Content of: <html><body><section><div><div><div><p>
1720 "In the physical realm, we take window blinds, envelopes, and closed doors "
1721 "for granted as ways of protecting our privacy. Why should the digital realm "
1725 #. type: Content of: <html><body><section><div><div><div><h3>
1726 msgid "We shouldn't have to trust our email providers with our privacy"
1729 #. type: Content of: <html><body><section><div><div><div><p>
1731 "Some email providers are very trustworthy, but many have incentives not to "
1732 "protect your privacy and security. To be empowered digital citizens, we need "
1733 "to build our own security from the bottom up."
1736 #. type: Content of: <html><body><section><div><div><h2>
1737 msgid "<em>#2</em> Plan The Workshop"
1740 #. type: Content of: <html><body><section><div><div><p>
1742 "Once you've got at least one interested friend, pick a date and start "
1743 "planning out the workshop. Tell participants to bring their computer and ID "
1744 "(for signing each other's keys). If you'd like to make it easy for the "
1745 "participants to use Diceware for choosing passwords, get a pack of dice "
1746 "beforehand. Make sure the location you select has an easily accessible "
1747 "Internet connection, and make backup plans in case the connection stops "
1748 "working on the day of the workshop. Libraries, coffee shops, and community "
1749 "centers make great locations. Try to get all the participants to set up an "
1750 "Enigmail-compatible email client before the event. Direct them to their "
1751 "email provider's IT department or help page if they run into errors."
1754 #. type: Content of: <html><body><section><div><div><p>
1756 "Estimate that the workshop will take at least forty minutes plus ten minutes "
1757 "for each participant. Plan extra time for questions and technical glitches."
1760 #. type: Content of: <html><body><section><div><div><p>
1762 "The success of the workshop requires understanding and catering to the "
1763 "unique backgrounds and needs of each group of participants. Workshops should "
1764 "stay small, so that each participant receives more individualized "
1765 "instruction. If more than a handful of people want to participate, keep the "
1766 "facilitator to participant ratio high by recruiting more facilitators, or by "
1767 "facilitating multiple workshops. Small workshops among friends work great!"
1770 #. type: Content of: <html><body><section><div><div><h2>
1771 msgid "<em>#3</em> Follow the guide as a group"
1774 #. type: Content of: <html><body><section><div><div><p>
1776 "Work through the Email Self-Defense guide a step at a time as a group. Talk "
1777 "about the steps in detail, but make sure not to overload the participants "
1778 "with minutia. Pitch the bulk of your instructions to the least tech-savvy "
1779 "participants. Make sure all the participants complete each step before the "
1780 "group moves on to the next one. Consider facilitating secondary workshops "
1781 "afterwards for people that had trouble grasping the concepts, or those that "
1782 "grasped them quickly and want to learn more."
1785 #. type: Content of: <html><body><section><div><div><p>
1787 "In <a href=\"index.html#section2\">Section 2</a> of the guide, make sure the "
1788 "participants upload their keys to the same keyserver so that they can "
1789 "immediately download each other's keys later (sometimes there is a delay in "
1790 "synchronization between keyservers). During <a "
1791 "href=\"index.html#section3\">Section 3</a>, give the participants the option "
1792 "to send test messages to each other instead of or as well as "
1793 "Edward. Similarly, in <a href=\"index.html#section4\">Section 4</a>, "
1794 "encourage the participants to sign each other's keys. At the end, make sure "
1795 "to remind people to safely back up their revocation certificates."
1798 #. type: Content of: <html><body><section><div><div><h2>
1799 msgid "<em>#4</em> Explain the pitfalls"
1802 #. type: Content of: <html><body><section><div><div><p>
1804 "Remind participants that encryption works only when it's explicitly used; "
1805 "they won't be able to send an encrypted email to someone who hasn't already "
1806 "set up encryption. Also remind participants to double-check the encryption "
1807 "icon before hitting send, and that subjects and timestamps are never "
1811 #. type: Content of: <html><body><section><div><div><p>
1814 "href=\"https://www.gnu.org/proprietary/proprietary.html\">dangers of running "
1815 "a proprietary system</a> and advocate for free software, because without it, "
1817 "href=\"https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance\">meaningfully "
1818 "resist invasions of our digital privacy and autonomy</a>."
1821 #. type: Content of: <html><body><section><div><div><h2>
1822 msgid "<em>#5</em> Share additional resources"
1825 #. type: Content of: <html><body><section><div><div><p>
1827 "GnuPG's advanced options are far too complex to teach in a single "
1828 "workshop. If participants want to know more, point out the advanced "
1829 "subsections in the guide and consider organizing another workshop. You can "
1831 "href=\"https://www.gnupg.org/documentation/index.html\">GnuPG's</a> and <a "
1832 "href=\"https://www.enigmail.net/documentation/index.php\">Enigmail's</a> "
1833 "official documentation and mailing lists. Many GNU/Linux distribution's Web "
1834 "sites also contain a page explaining some of GnuPG's advanced features."
1837 #. type: Content of: <html><body><section><div><div><h2>
1838 msgid "<em>#6</em> Follow up"
1841 #. type: Content of: <html><body><section><div><div><p>
1843 "Make sure everyone has shared email addresses and public key fingerprints "
1844 "before they leave. Encourage the participants to continue to gain GnuPG "
1845 "experience by emailing each other. Send them each an encrypted email one "
1846 "week after the event, reminding them to try adding their public key ID to "
1847 "places where they publicly list their email address."
1850 #. type: Content of: <html><body><section><div><div><p>
1852 "If you have any suggestions for improving this workshop guide, please let us "
1853 "know at <a href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a>."
1856 #. type: Content of: <html><body><footer><div><div><p>
1858 "The images on this page are under a <a "
1859 "href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons "
1860 "Attribution 4.0 license (or later version)</a>, and the rest of it is under "
1861 "a <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative "
1862 "Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download "
1864 "href=\"http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\">source "
1865 "code of Edward reply bot</a> by Andrew Engelbrecht "
1866 "<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, "
1867 "available under the GNU Affero General Public License. <a "
1868 "href=\"http://www.gnu.org/licenses/license-list.html#OtherLicenses\">Why "
1869 "these licenses?</a>"