<ul id="languages" class="os">
<li><a class="current" href="/en">English - v4.0</a></li>
<li><a href="/ar">العربية <span class="tip">tip</span></a></li>
-<li><a href="/cs">Ä\8ceština - v4.0</a></li>
-<li><a href="/de">Deutsch - v3.0</a></li>
+<li><a href="/cs">Ä\8deština - v4.0</a></li>
+<li><a href="/de">Deutsch - v4.0</a></li>
<li><a href="/el">ελληνικά - v3.0</a></li>
<li><a href="/es">español - v4.0</a></li>
<li><a href="/fa">فارسی - v4.0</a></li>
<li><a href="/sq">Shqip - v4.0</a></li>
<li><a href="/sv">svenska - v4.0</a></li>
<li><a href="/tr">Türkçe - v4.0</a></li>
-<li><a href="/zh-hans">简体中文 <span class="tip">tip</span></a></li>
-<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span
-style="color: #2F5FAA;">Translate!</span></strong></a></li>
+<li><a href="/zh-hans">简体中文 - v4.0</a></li>
+<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide">
+<strong><span style="color: #2F5FAA;">Translate!</span></strong></a></li>
</ul>
<ul id="menu" class="os">
<li class="spacer"><a href="index.html">GNU/Linux</a></li>
<li><a href="mac.html">Mac OS</a></li>
<li><a href="windows.html" class="current">Windows</a></li>
-<li><a href="workshops.html">Teach your friends</a></li>
-<li><a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email
-encryption for everyone via %40fsf">Share
-<img
-src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
-class="share-logo"
+<li class="spacer"><a href="workshops.html">Teach your friends</a></li>
+<li class="spacer"><a
+href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
+Share
+<img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class="share-logo"
alt="[GNU Social]" />
-<img
-src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
-class="share-logo"
-alt="[Pump.io]" />
-<img
-src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
-class="share-logo"
+<img src="//static.fsf.org/nosvn/enc-dev0/img/mastodon.png" class="share-logo"
+alt="[Mastodon]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class="share-logo"
alt="[Reddit]" />
-<img
-src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
-class="share-logo"
-alt="[Hacker News]" />
-</a></li>
+<img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class="share-logo"
+alt="[Hacker News]" /></a></li>
</ul>
<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
<p class="notes">This guide relies on software which is <a
href="https://www.gnu.org/philosophy/free-sw.html">freely licensed</a>; it's
completely transparent and anyone can copy it or make their own version. This
-makes it safer from surveillance than proprietary software (like Windows). To
-defend your freedom as well as protect yourself from surveillance, we recommend
-you switch to a free software operating system like GNU/Linux. Learn more
-about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
+makes it safer from surveillance than proprietary software (like Windows or Mac
+OS). To defend your freedom as well as protect yourself from surveillance, we
+recommend you switch to a free software operating system like GNU/Linux. Learn
+
more about free software at <a href="https://u.fsf.org/ys">fsf.org</a>.</p>
<p>To get started, you'll need the IceDove desktop email program installed
on your computer. For your system, IceDove may be known by the alternate name
<p>If you already have an email program, you can skip to <a
href="#step-1b">Step 1.b</a>.</p>
-<p class="notes">There are serious security flaws in GnuPG versions prior to 2.2.8. Install GnuPG versions 2.2.8 or 1.4.23 or later. There are also known issues with GPGTools prior to 2018.3. Make sure you have the most recent version of GPGTools.</p>
-
</div><!-- End .section-intro -->
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<p>Open your email program and follow the wizard (step-by-step walkthrough)
that sets it up with your email account.</p>
+<p>Look for the letters SSL, TLS, or STARTTLS to the right of the servers
+when you're setting up your account. If you don't see them, you will still
+be able to use encryption, but this means that the people running your email
+system are running behind the industry standard in protecting your security
+and privacy. We recommend that you send them a friendly email asking them
+to enable SSL, TLS, or STARTTLS for your email server. They will know what
+you're talking about, so it's worth making the request even if you aren't
+an expert on these security systems.</p>
+
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<dl>
<dt>The wizard doesn't launch</dt>
<dd>You can launch the wizard yourself, but the menu option for doing so is
-named differently in each email programs. The button to launch it will be in
+named differently in each email program. The button to launch it will be in
the program's main menu, under "New" or something similar, titled something
like "Add account" or "New/Existing email account."</dd>
options whenever asked. After it's installed, you can close any windows that
it creates.</p>
+<p>There are major security flaws in versions of GnuPG provided by GPG4Win
+prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later.</p>
+
</div><!-- End .main -->
</div><!-- End #step1-b .step -->
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-1c" class="step">
<div class="sidebar">
-
<ul class="images">
-<li><img
-src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png"
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png"
alt="Step 1.C: Tools -> Add-ons" /></li>
-<li><img
-src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png"
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png"
alt="Step 1.C: Search Add-ons" /></li>
-<li><img
-src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png"
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png"
alt="Step 1.C: Install Add-ons" /></li>
</ul>
<h3><em>Step 1.c</em> Install the Enigmail plugin for your email program</h3>
<p>In your email program's menu, select Add-ons (it may be in the Tools
-section). Make sure Extensions is selected on the left. Do you see Enigmail? If
-so, skip this step.</p>
+section). Make sure Extensions is selected on the left. Do you see Enigmail?
+Make sure it's the latest version. If so, skip this step.</p>
<p>If not, search "Enigmail" with the search bar in the upper right. You
can take it from here. Restart your email program when you're done.</p>
-<p>Enigmail versions prior to 2.0.7 have serious security issues. Make sure to install version 2.0.7 or later.</p>
+<p>There are major security flaws in Enigmail prior to version 2.0.7. Make
+sure you have Enigmail 2.0.7 or later.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<dd>In many new email programs, the main menu is represented by an image of
three stacked horizontal bars.</dd>
+<dt>My email looks weird</dt>
+<dd>Enigmail doesn't tend to play nice with HTML, which is used to format
+emails, so it may disable your HTML formatting automatically. To send an
+HTML-formatted email without encryption or a signature, hold down the Shift
+key when you select compose. You can then write an email as if Enigmail
+wasn't there.</dd>
+
<dt class="feedback">Don't see a solution to your problem?</dt>
<dd class="feedback">Please let us know on the <a
href="https://libreplanet.org/wiki/GPG_guide/Public_Review">feedback
</div><!-- /.troubleshooting -->
</div><!-- End .main -->
-</div><!-- End #step-1c .step -->
+</div><!-- End #step-1b .step -->
</div></section><!-- End #section1 -->
<!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
<p>Your private key is more like a physical key, because you keep it to
yourself (on your computer). You use GnuPG and your private key together to
descramble encrypted emails other people send to you. <span style="font-weight:
-bold;">You should never share you private key with anyone, under any
+bold;">You should never share your private key with anyone, under any
circumstances.</span></p>
<p>In addition to encryption and decryption, you can also use these keys to
<li>On the screen titled "Create Key," pick a strong password! You can
do it manually, or you can use the Diceware method. Doing it manually
is faster but not as secure. Using Diceware takes longer and requires
-dice, but creates a password that is much harder for attackers figure
+dice, but creates a password that is much harder for attackers to figure
out. To use it, read the section "Make a secure passphrase with Diceware" in <a
-href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">this
-article</a> by Micah Lee.</li>
+href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">
+this article</a> by Micah Lee.</li>
</ul>
<p>If you'd like to pick a password manually, come up with something
<dt>More resources</dt>
<dd>If you're having trouble with our
instructions or just want to learn more, check out <a
-href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's
-wiki instructions for key generation</a>.</dd>
-
-<dt>My email looks weird</dt>
-<dd>Enigmail doesn't tend to play nice with HTML, which is used to format
-emails, so it may disable your HTML formatting automatically. To send an
-HTML-formatted email without encryption or a signature, hold down the Shift
-key when you select compose. You can then write an email as if Enigmail
-wasn't there.</dd>
+href="https://www.enigmail.net/documentation/Key_Management#Generating_your_own_key_pair">
+Enigmail's wiki instructions for key generation</a>.</dd>
<dt class="feedback">Don't see a solution to your problem?</dt>
<dd class="feedback">Please let us know on the <a
<p>In your email program's menu, select Enigmail → Key Management.</p>
-<p>Right click on your key and select Upload Public Keys to Keyserver. Use
-the default keyserver in the popup.</p>
+<p>Right click on your key and select Upload Public Keys to Keyserver. You
+don't have to use the default keyserver. If, after research, you would like
+to change to a different default keyserver, you can change that setting
+manually in the Enigmail preferences.</p>
<p class="notes">Now someone who wants to send you an encrypted message can
download your public key from the Internet. There are multiple keyservers
<dt>More documentation</dt>
<dd>If you're having trouble with our
instructions or just want to learn more, check out <a
-href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's
-documentation</a>.</dd>
+href="https://www.enigmail.net/documentation/Key_Management#Distributing_your_public_key">
+Enigmail's documentation</a>.</dd>
<dt class="feedback">Don't see a solution to your problem?</dt>
<dd class="feedback">Please let us know on the <a
<dt>More resources</dt>
<dd>If you're still having trouble with our
instructions or just want to learn more, check out <a
-href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">Enigmail's
-wiki</a>.</dd>
+href="https://www.enigmail.net/documentation/Signature_and_Encryption#Encrypting_a_message">
+Enigmail's wiki</a>.</dd>
<dt class="feedback">Don't see a solution to your problem?</dt>
<dd class="feedback">Please let us know on the <a
<h3><em>Step 3.c</em> Receive a response</h3>
<p>When Edward receives your email, he will use his private key to decrypt
-it, then use your public key (which you sent him in <a href="#step-3a">Step
-3.A</a>) to encrypt his reply to you.</p>
+it, then reply to you. </p>
<p class="notes">It may take two or three minutes for Edward to
respond. In the meantime, you might want to skip ahead and check out the <a
href="#section5">Use it Well</a> section of this guide.</p>
-<p>When you receive Edward's email and open it, Enigmail will automatically
-detect that it is encrypted with your public key, and then it will use your
-private key to decrypt it.</p>
-
-<p>Notice the bar that Enigmail shows you above the message, with information
-about the status of Edward's key.</p>
-
</div><!-- End .main -->
</div><!-- End #step-3c .step -->
<h3><em>Step 3.e</em> Receive a response</h3>
-<p>When Edward receives your email, he will use your public key (which you
-sent him in <a href="#step-3a">Step 3.A</a>) to verify that your signature
-is authentic and the message you sent has not been tampered with.</p>
+<p>When Edward receives your email, he will use your public key (which
+you sent him in <a href="#step-3a">Step 3.A</a>) to verify the message
+you sent has not been tampered with and to encrypt his reply to you.</p>
<p class="notes">It may take two or three minutes for Edward to
respond. In the meantime, you might want to skip ahead and check out the <a
"Your signature was verified." If your test signed email was also encrypted,
he will mention that first.</p>
+<p>When you receive Edward's email and open it, Enigmail will
+automatically detect that it is encrypted with your public key, and
+then it will use your private key to decrypt it.</p>
+
+<p>Notice the bar that Enigmail shows you above the message, with
+information about the status of Edward's key.</p>
+
</div><!-- End .main -->
</div><!-- End #step-3e .step -->
</div></section>
<form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi"
method="get">
-<p><strong>From:</strong><input type="text" placeholder="xD41A008"
+<p><strong>From:</strong><input type="text" value="xD41A008"
name="FROM"></p>
-<p><strong>To:</strong><input type="text" placeholder="50BD01x4" name="TO"></p>
+<p><strong>To:</strong><input type="text" value="50BD01x4" name="TO"></p>
<p class="buttons"><input type="submit" value="trust paths" name="PATHS"><input
type="reset" value="reset" name=".reset"></p>
<h3>Identifying keys: Fingerprints and IDs</h3>
-
<p>People's public keys are usually identified by their key fingerprint,
which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8
(for Edward's key). You can see the fingerprint for your public key, and
<h3>Transferring you key</h3>
<p>You can use Enigmail's <a
-href="https://www.enigmail.net/documentation/keyman.php">key management
+href="https://www.enigmail.net/documentation/Key_Management">key management
window</a> to import and export keys. If you want to be able to read
your encrypted email on a different computer, you will need to export
your secret key from here. Be warned, if you transfer the key without <a
Attribution 4.0 license (or later version)</a>, and the rest of it is under
a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
-href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source
-code of Edward reply bot</a> by Andrew Engelbrecht
-<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>,
available under the GNU Affero General Public License. <a
href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
licenses?</a></p>
alt="Journalism++" /></a></p><!-- /.credits -->
</div></footer><!-- End #footer -->
-<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
-<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
<!-- Piwik -->
-<script type="text/javascript" >
-// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
try {
piwikTracker.enableLinkTracking();
} catch( err ) {}
// @license-end
-</script><noscript><p><img src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0" alt="" /></p></noscript>
+--></script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
<!-- End Piwik Tracking Code -->
-
</body>
</html>
projects / enc.git / blobdiff