Step 1.a Set your email program up with your email account (if it isn't already)
+Step 1.a Setup your email program with your email account (if it isn't already)
Open your email program and follow the wizard that sets it up with your email account.
@@ -114,9 +114,9 @@-
-
- 
- 
+ 
+ 
+ 
Step 2.a Make a keypair
@@ -191,7 +191,7 @@Troubleshooting
- The progress bar never finishes -
- Close the upload popup, make sure you are on the Internet and try again. If that doesn't work, try again, selecting a different keyserver. +
- Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.
- My key doesnt appear in the list
- Try checking Show Default Keys. @@ -227,7 +227,7 @@
Step 3.a Send Adele your public key
@@ -307,7 +307,7 @@#4 Learn the Web of Trust
Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.
-When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, into a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.
+When you sign someone's key, you are publicly saying that you trust that it does belong to them and not an impostor. People who use your public key can see the number of signatures it has. Once you've used GnuPG for a long time, you may have hundreds of signatures. The Web of Trust is the constellation of all GnuPG users, connected to each other by chains of trust expressed through signatures, forming a giant network. The more signatures a key has, and the more signatures its signers' keys have, the more trustworthy that key is.
People's public keys are usually identified by their key fingerprint, which is a string of digits like DD878C06E8C2BEDDD4A440D3E573346992AB3FF7 (for Adele's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to OpenPGP → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that so that people can double-check that they have the correct public key when they download yours from a keyserver.
@@ -319,14 +319,14 @@
Step 4.a Sign a key
In your email program's menu, go to OpenPGP → Key Management.
Right click on Adele's public key and select Sign Key from the context menu.
-In the window that pops up, select "I will not answer" and click OK.
-In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit OK.
+In the window that pops up, select "I will not answer" and click ok.
+In your email program's menu, go to OpenPGP → Key Management → Keyserver → Upload Public Keys and hit ok.
You've just effectively said "I trust that Adele's public key actually belongs to Adele." This doesn't mean much because Adele isn't a real person, but it's good practice.
@@ -365,12 +365,12 @@
When should I encrypt?
-The more you can encrypt your messages, the better. This is because, if you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.
+The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start.
That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.
@@ -380,7 +380,7 @@
Important: Be wary of invalid keys
@@ -394,8 +394,8 @@Copy your revocation certificate to somewhere safe
-Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk or hard drive stored in a safe place in your home.
-If your private key ever gets lost or stolen, you'll need this certificate file.
+Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home.
+If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.
Copyright © 2014 Free Software Foundation, Inc. Privacy Policy. Join.
-Version 2.0, launched 6/18/2014.
+Version 2.0.
The images on this page are under a Creative Commons Attribution 4.0 license (or later version), and the rest of it is under a Creative Commons Attribution-ShareAlike 4.0 license (or later version). — Why these licenses?
-Download the source packages for this guide and for the infographic. Fonts used in the guide & infographic: Dosis by Pablo Impallari, Signika by Anna Giedryś Archivo Narrow by Omnibus-Type, PXL-2000 by Florian Cramer.
+Download the source package for this guide. Fonts used in the guide & infographic: Dosis by Pablo Impallari, Signika by Anna Giedryś Archivo Narrow by Omnibus-Type, PXL-2000 by Florian Cramer.