<h4>疑难解答</h4>
<dl>
- <dt>I can't find the menu.</dt>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars.</dd>
- <dt>My email looks weird</dt>
- <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails, so it may disable your HTML formatting automatically. To send an HTML-formatted email without encryption or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
+ <dt>我找不到菜单</dt>
+ <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
+ <dt>我的邮件看起来很奇怪</dt>
+ <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
<dt class="feedback">没有解决你的问题?</dt>
<dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
</div><!-- /.sidebar -->
<div class="main">
<h3><em>Step 2.a</em> 生成密钥对</h3>
- <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard(安装向导)。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
+ <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
<ul>
- <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”(Encrypt all of my messages by default, because privacy is critical to me)。</li>
- <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”(Don't sign my messages by default)。</li>
- <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”(I want to create a new key pair for signing and encrypting my email)。</li>
- <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间
and requires dice,但能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
+ <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”。</li>
+ <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
+ <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
+ <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间
,并要求掷骰子,但它能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
</ul>
<p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨识的模式,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
<p class="notes">在“生成密钥”(Key Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
- <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的
文件夹在你的家目录下,并把它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
+ <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的
目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>I can't find the Enigmail menu.</dt>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars. Enigmail may be inside a section called Tools.</dd>
+ <dt>我找不到 Enigmail 菜单</dt>
+ <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
- <dt>The wizard says that it cannot find GnuPG.</dt>
- <dd>Open whatever program you usually use for installing software, and search for GnuPG, then install it. Then restart the Enigmail Setup Wizard(安装向导) by going to Enigmail → Setup Wizard(安装向导).</dd>
+ <dt>向导程序说它无法找到 GnuPG</dt>
+ <dd>打开你常用来安装软件的程序,搜索 GnuPG,并安装它。通过 Enigmail → Setup Wizard 来重启 Enigmail 安装向导。</dd>
- <dt>My email looks weird</dt>
- <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails, so it may disable your HTML formatting automatically. To send an HTML-formatted email without encryption or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
+ <dt>我的邮件看起来很奇怪</dt>
+ <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
- <dt>More resources</dt>
- <dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>.</dd>
+ <dt>更多资源</dt>
+ <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>。</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
- <dt>Command line key generation</dt>
- <dd>If you prefer using the command line for a higher degree of control, you can follow the documentation from <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>. Make sure you stick with "RSA and RSA" (the default), because it's newer and more secure than the algorithms the documentation recommends. Also make sure your key is at least 2048 bits, or 4096 if you want to be extra secure.</dd>
+ <dt>使用命令行生成密钥</dt>
+ <dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少 2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
<dt>Advanced key pairs</dt>
<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-2b" class="step">
<div class="main">
- <h3><em>Step 2.b</em> Upload your public key to a keyserver</h3>
- <p>In your email program's menu, select Enigmail → Key Management.</p>
- <p>Right click on your key and select Upload Public Keys to Keyserver. Use the default keyserver in the popup.</p>
- <p class="notes">Now someone who wants to send you an encrypted message can download your public key from the Internet. There are multiple keyservers that you can select from the menu when you upload, but they are all copies of each other, so it doesn't matter which one you use. However, it sometimes takes a few hours for them to match each other when a new key is uploaded.</p>
+ <h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
+ <p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
+ <p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
+ <p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>The progress bar never finishes</dt>
- <dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
- <dt>My key doesn't appear in the list</dt>
- <dd>Try checking "Display All Keys by Default."</dd>
- <dt>More documentation</dt>
- <dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>.</dd>
+ <dt>进度条一直没有结束</dt>
+ <dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
+ <dt>我的密钥没有显示在列表中</dt>
+ <dd>尝试选中“默认显示全部密钥”。</dd>
+ <dt>更多文档</dt>
+ <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>。</dd>
<dt class="feedback">没有解决你的问题?</dt>
<dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Uploading a key from the command line</dt>
<dd>You can also upload your keys to a keyserver through the <a href="https://www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="terminology" class="step">
<div class="main">
- <h3>GnuPG, OpenPGP, what?</h3>
- <p>In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) is the program that implements the standard. Enigmail is a plug-in program for your email program that provides an interface for GnuPG.</p>
+ <h3>什么是 GnuPG,OpenPGP?</h3>
+ <p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP (Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或 GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
</div><!-- End .main -->
</div><!-- End #terminology.step-->
<div>
<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
<div class="section-intro">
- <h2><em>#3</em> Try it out!</h2>
- <p>Now you'll try a test correspondence with a computer program named Edward, who knows how to use encryption. Except where noted, these are the same steps you'd follow when corresponding with a real, live person.</p>
+ <h2><em>#3</em> 试一试</h2>
+ <p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
<!-- <p>NOTE: Edward is currently having some technical difficulties, so he may take a long time to respond, or not respond at all. We're sorry about this and we're working hard to fix it. Your key will still work even without testing with Edward.</p> -->
</div><!-- End .section-intro -->
<p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png" alt="Try it out." /></p>
</div><!-- /.sidebar -->
<div class="main">
- <h3><em>Step 3.a</em> Send Edward your public key</h3>
- <p>This is a special step that you won't have to do when corresponding with real people. In your email program's menu, go to Enigmail → Key Management. You should see your key in the list that pops up. Right click on your key and select Send Public Keys by Email. This will create a new draft message, as if you had just hit the Write button.</p>
+ <h3><em>Step 3.a</em> 向 Edward 发送你的公钥</h3>
+ <p>这是与真人通信时你不需要做的特别一步。In your email program's menu, go to Enigmail → Key Management. You should see your key in the list that pops up. Right click on your key and select Send Public Keys by Email. This will create a new draft message, as if you had just hit the Write button.</p>
<p>Address the message to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Put at least one word (whatever you want) in the subject and body of the email. Don't send yet.</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Encrypt messages from the command line</dt>
<dd>You can also encrypt and decrypt messages and files from the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference. The option --armor makes the encrypted output appear in the regular character set.</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Master the Web of Trust</dt>
<dd>Unfortunately, trust does not spread between users the way <a href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">many people think</a>. One of best ways to strengthen the GnuPG community is to deeply <a href="https://www.gnupg.org/gph/en/manual/x334.html">understand</a> the Web of Trust and to carefully sign as many people's keys as circumstances permit.</dd>
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>I can't find the menu.</dt>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars.</dd>
+ <dt>我找不到菜单</dt>
+ <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
<dt class="feedback">没有解决你的问题?</dt>
<dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
</div><!-- /.sidebar -->
<div class="main">
<h3><em>Step 2.a</em> 生成密钥对</h3>
- <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard(安装向导)。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
+ <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
<ul>
- <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”(Encrypt all of my messages by default, because privacy is critical to me)。</li>
- <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”(Don't sign my messages by default)。</li>
- <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”(I want to create a new key pair for signing and encrypting my email)。</li>
- <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间
and requires dice,但能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
+ <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”。</li>
+ <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
+ <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
+ <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间
,并要求掷骰子,但它能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
</ul>
<p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨识的模式,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
<p class="notes">在“生成密钥”(Key Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
- <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的
文件夹在你的家目录下,并把它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
+ <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的
目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>I can't find the Enigmail menu.</dt>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars. Enigmail may be inside a section called Tools.</dd>
+ <dt>我找不到 Enigmail 菜单</dt>
+ <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
- <dt>My email looks weird</dt>
- <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails, so it may disable your HTML formatting automatically. To send an HTML-formatted email without encryption or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
+ <dt>我的邮件看起来很奇怪</dt>
+ <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
- <dt>More resources</dt>
- <dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>.</dd>
+ <dt>更多资源</dt>
+ <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>。</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
- <dt>Command line key generation</dt>
- <dd>If you prefer using the command line for a higher degree of control, you can follow the documentation from <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>. Make sure you stick with "RSA and RSA" (the default), because it's newer and more secure than the algorithms the documentation recommends. Also make sure your key is at least 2048 bits, or 4096 if you want to be extra secure.</dd>
+ <dt>使用命令行生成密钥</dt>
+ <dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少 2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
<dt>Advanced key pairs</dt>
<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-2b" class="step">
<div class="main">
- <h3><em>Step 2.b</em> Upload your public key to a keyserver</h3>
- <p>In your email program's menu, select Enigmail → Key Management.</p>
- <p>Right click on your key and select Upload Public Keys to Keyserver. Use the default keyserver in the popup.</p>
- <p class="notes">Now someone who wants to send you an encrypted message can download your public key from the Internet. There are multiple keyservers that you can select from the menu when you upload, but they are all copies of each other, so it doesn't matter which one you use. However, it sometimes takes a few hours for them to match each other when a new key is uploaded.</p>
+ <h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
+ <p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
+ <p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
+ <p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>The progress bar never finishes</dt>
- <dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
- <dt>My key doesn't appear in the list</dt>
- <dd>Try checking "Display All Keys by Default."</dd>
- <dt>More documentation</dt>
- <dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>.</dd>
+ <dt>进度条一直没有结束</dt>
+ <dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
+ <dt>我的密钥没有显示在列表中</dt>
+ <dd>尝试选中“默认显示全部密钥”。</dd>
+ <dt>更多文档</dt>
+ <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>。</dd>
<dt class="feedback">没有解决你的问题?</dt>
<dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Uploading a key from the command line</dt>
<dd>You can also upload your keys to a keyserver through the <a href="https://www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="terminology" class="step">
<div class="main">
- <h3>GnuPG, OpenPGP, what?</h3>
- <p>In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) is the program that implements the standard. Enigmail is a plug-in program for your email program that provides an interface for GnuPG.</p>
+ <h3>什么是 GnuPG,OpenPGP?</h3>
+ <p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP (Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或 GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
</div><!-- End .main -->
</div><!-- End #terminology.step-->
<div>
<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
<div class="section-intro">
- <h2><em>#3</em> Try it out!</h2>
- <p>Now you'll try a test correspondence with a computer program named Edward, who knows how to use encryption. Except where noted, these are the same steps you'd follow when corresponding with a real, live person.</p>
+ <h2><em>#3</em> 试一试</h2>
+ <p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
<!-- <p>NOTE: Edward is currently having some technical difficulties, so he may take a long time to respond, or not respond at all. We're sorry about this and we're working hard to fix it. Your key will still work even without testing with Edward.</p> -->
</div><!-- End .section-intro -->
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Encrypt messages from the command line</dt>
<dd>You can also encrypt and decrypt messages and files from the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference. The option --armor makes the encrypted output appear in the regular character set.</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Master the Web of Trust</dt>
<dd>Unfortunately, trust does not spread between users the way <a href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">many people think</a>. One of best ways to strengthen the GnuPG community is to deeply <a href="https://www.gnupg.org/gph/en/manual/x334.html">understand</a> the Web of Trust and to carefully sign as many people's keys as circumstances permit.</dd>
</div><!-- /.sidebar -->
<div class="main">
<h3><em>Step 2.a</em> 生成密钥对</h3>
- <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard(安装向导)。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
+ <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
<ul>
- <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”(Encrypt all of my messages by default, because privacy is critical to me)。</li>
- <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”(Don't sign my messages by default)。</li>
- <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”(I want to create a new key pair for signing and encrypting my email)。</li>
- <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间
and requires dice,但能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
+ <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”。</li>
+ <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
+ <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
+ <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间
,并要求掷骰子,但它能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
</ul>
<p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨识的模式,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
<p class="notes">在“生成密钥”(Key Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
- <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的文件夹在你的家目录下,并
把它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
+ <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的文件夹在你的家目录下,并
将它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>I can't find the Enigmail menu.</dt>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars. Enigmail may be inside a section called Tools.</dd>
+ <dt>我找不到 Enigmail 菜单</dt>
+ <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
- <dt>More resources</dt>
- <dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>.</dd>
+ <dt>更多资源</dt>
+ <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>。</dd>
- <dt>My email looks weird</dt>
- <dd>Enigmail doesn't tend to play nice with HTML, which is used to format emails, so it may disable your HTML formatting automatically. To send an HTML-formatted email without encryption or a signature, hold down the Shift key when you select compose. You can then write an email as if Enigmail wasn't there.</dd>
+ <dt>我的邮件看起来很奇怪</dt>
+ <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
<dt class="feedback">没有解决你的问题?</dt>
<dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
- <dt>Command line key generation</dt>
- <dd>If you prefer using the command line for a higher degree of control, you can follow the documentation from <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>. Make sure you stick with "RSA and RSA" (the default), because it's newer and more secure than the algorithms the documentation recommends. Also make sure your key is at least 2048 bits, or 4096 if you want to be extra secure.</dd>
+ <dt>使用命令行生成密钥</dt>
+ <dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少 2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
<dt>Advanced key pairs</dt>
<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="step-2b" class="step">
<div class="main">
- <h3><em>Step 2.b</em> Upload your public key to a keyserver</h3>
- <p>In your email program's menu, select Enigmail → Key Management.</p>
- <p>Right click on your key and select Upload Public Keys to Keyserver. Use the default keyserver in the popup.</p>
- <p class="notes">Now someone who wants to send you an encrypted message can download your public key from the Internet. There are multiple keyservers that you can select from the menu when you upload, but they are all copies of each other, so it doesn't matter which one you use. However, it sometimes takes a few hours for them to match each other when a new key is uploaded.</p>
+ <h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
+ <p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
+ <p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
+ <p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
<h4>疑难解答</h4>
<dl>
- <dt>The progress bar never finishes</dt>
- <dd>Close the upload popup, make sure you are connected to the Internet, and try again. If that doesn't work, try again, selecting a different keyserver.</dd>
- <dt>My key doesn't appear in the list</dt>
- <dd>Try checking "Display All Keys by Default."</dd>
- <dt>More documentation</dt>
- <dd>If you're having trouble with our instructions or just want to learn more, check out <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>.</dd>
+ <dt>进度条一直没有结束</dt>
+ <dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
+ <dt>我的密钥没有显示在列表中</dt>
+ <dd>尝试选中“默认显示全部密钥”。</dd>
+ <dt>更多文档</dt>
+ <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>。</dd>
<dt class="feedback">没有解决你的问题?</dt>
<dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Uploading a key from the command line</dt>
<dd>You can also upload your keys to a keyserver through the <a href="https://www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
<div id="terminology" class="step">
<div class="main">
- <h3>GnuPG, OpenPGP, what?</h3>
- <p>In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) is the program that implements the standard. Enigmail is a plug-in program for your email program that provides an interface for GnuPG.</p>
+ <h3>什么是 GnuPG,OpenPGP?</h3>
+ <p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP (Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或 GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
</div><!-- End .main -->
</div><!-- End #terminology.step-->
<div>
<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
<div class="section-intro">
- <h2><em>#3</em> Try it out!</h2>
- <p>Now you'll try a test correspondence with a computer program named Edward, who knows how to use encryption. Except where noted, these are the same steps you'd follow when corresponding with a real, live person.</p>
+ <h2><em>#3</em> 试一试</h2>
+ <p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
<!-- <p>NOTE: Edward is currently having some technical difficulties, so he may take a long time to respond, or not respond at all. We're sorry about this and we're working hard to fix it. Your key will still work even without testing with Edward.</p> -->
</div><!-- End .section-intro -->
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Encrypt messages from the command line</dt>
<dd>You can also encrypt and decrypt messages and files from the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference. The option --armor makes the encrypted output appear in the regular character set.</dd>
<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
<div class="troubleshooting">
- <h4>Advanced</h4>
+ <h4>进阶指南</h4>
<dl>
<dt>Master the Web of Trust</dt>
<dd>Unfortunately, trust does not spread between users the way <a href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">many people think</a>. One of best ways to strengthen the GnuPG community is to deeply <a href="https://www.gnupg.org/gph/en/manual/x334.html">understand</a> the Web of Trust and to carefully sign as many people's keys as circumstances permit.</dd>
projects / enc.git / commitdiff