<!DOCTYPE html>
<html lang="zh-Hans">
- <head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
+</head>
- <title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
- <meta name="keywords" content="GnuPG, GPG, privacy, email, Enigmail" />
- <meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG." />
+<body>
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
+<header class="row centered" id="header"><div>
- </head>
- <body>
+<p><strong>请检查带确认链接的邮件。感谢你加入我们的邮件列表。</strong></p>
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
+<p>如果你没有收到确认链接,请给我们 info@fsf.org 发邮件,我们将手动添加。</p>
- <header class="row centered" id="header">
- <div>
+<br />
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png"
+alt="来试试" /></p><br />
+<p>关注我们每日更新的微博客。</p>
-<p><strong>Please check your email for a confirmation link now. Thanks for joining our list!</strong></p>
+<p style="font-size:150%"><a href="https://status.fsf.org/fsf"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
+class="share-logo"
+alt="[GNU Social]" />
+ GNU Social</a> | <a href="http://microca.st/fsf"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
+class="share-logo"
+alt="[Pump.io]" />
+ Pump.io</a> | <a
+href="https://www.twitter.com/fsf">Twitter</a></p>
-<p>If you don't receive the confirmation link, send us an email at info@fsf.org to be added manually.</p>
+<p><small><a href="https://www.fsf.org/twitter">阅读为什么 GNU Social 和 Pump.io 要比
+Twitter 好。</a></small></p>
-
-<br /><p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png" alt="Try it out." /></p><br />
-
-<p>Join us on microblogging services for day-to-day updates:</p>
-<p style="font-size:150%">
- <a href="https://status.fsf.org/fsf">
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]" />
- GNU Social
- </a> |
- <a href="http://microca.st/fsf">
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]" />
- Pump.io
- </a> |
- <a href="https://www.twitter.com/fsf">Twitter</a>
-</p>
-<p><small><a href="https://www.fsf.org/twitter">Read why GNU Social and Pump.io are better than Twitter.</a></small></p>
<hr />
- <p class="back" style="font-size:150%">← Return to <a href="index.html">Email Self-Defense</a></p>
- </div>
- </header><!-- End #header -->
-
- <!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
- <footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
-
- <p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
- <p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
-
- <p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
-
- <p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
- </footer><!-- End #footer -->
-
- <script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
- <script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
-
- <!-- Piwik -->
- <script type="text/javascript">
- /*
- @licstart The following is the entire license notice for the
- JavaScript code in this page.
-
- Copyright 2014 Matthieu Aubry
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see http://www.gnu.org/licenses/.
-
- @licend The above is the entire license notice
- for the JavaScript code in this page.
- */
- var _paq = _paq || [];
- _paq.push(["setDocumentTitle", document.domain + "/" + document.title]);
- _paq.push(["setCookieDomain", "*.www.fsf.org"]);
- _paq.push(["setDomains", ["*.www.fsf.org","*.www.fsf.org"]]);
- _paq.push(["trackPageView"]);
- _paq.push(["enableLinkTracking"]);
-
- (function() {
- var u=(("https:" == document.location.protocol) ? "https" : "http") + "://piwik.fsf.org/";
- _paq.push(["setTrackerUrl", u+"piwik.php"]);
- _paq.push(["setSiteId", "5"]);
- var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript";
- g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s);
- })();
- </script>
- <!-- End Piwik Code -->
-
- </body>
+
+<p class="back" style="font-size:150%">← 返回 <a href="index.html">指南</a></p>
+
+</div></header>
+
+
+<!-- End #header -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>The images on this page are under a <a
+href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
+Attribution 4.0 license (or later version)</a>, and the rest of it is under
+a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
+Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+available under the GNU Affero General Public License. <a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
+licenses?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
+
+</div>
+
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
+
+
+<!-- End #footer -->
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+
+<!-- Piwik -->
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
+document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
+try {
+ var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 13);
+ piwikTracker.trackPageView();
+ piwikTracker.enableLinkTracking();
+} catch( err ) {}
+// @license-end
+-->
+</script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
+
+<!-- End Piwik Tracking Code -->
+</body>
</html>
<!DOCTYPE html>
<html lang="zh-Hans">
<head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
-
- <title>电子邮件加密傻瓜指南</title>
- <meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
- <meta name="description" content="电子邮件监控侵犯了我们的基本权利,并危及了言论自由。本指南将在四十分钟里教会你如何通过 GnuPG 加密邮件。 " />
-
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
-
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
</head>
+
<body>
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
- <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<header class="row" id="header"><div>
- <header class="row" id="header">
- <div>
- <h1>电子邮件加密傻瓜指南</h1>
+<h1>Email Self-Defense</h1>
- <!-- Language list for browsers that do not have JS enabled -->
- <ul id="languages" class="os">
+
+<!-- Language list for browsers that do not have JS enabled -->
+<ul id="languages" class="os">
<li><a href="/en">English - v4.0</a></li>
<li><a href="/ar">العربية <span class="tip">tip</span></a></li>
<li><a href="/cs">Čeština - v4.0</a></li>
<li><a href="/sv">svenska - v4.0</a></li>
<li><a href="/tr">Türkçe - v4.0</a></li>
<li><a class="current" href="/zh-hans">简体中文 <span class="tip">tip</span></a></li>
-<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span style="color: #2F5FAA;">帮助翻译</span></strong></a></li>
- </ul>
-
- <ul id="menu" class="os">
- <li class="spacer">
- <a href="index.html" class="current">GNU/Linux</a>
- </li>
- <li>
- <a href="mac.html">Mac OS</a>
- </li>
- <li>
- <a href="windows.html">Windows</a>
- </li>
- <li class="spacer"><a href="workshops.html">研讨会</a></li>
- <li class="spacer">
- <a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
- 分享
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
- class="share-logo" alt="[Reddit]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
- class="share-logo" alt="[Hacker News]" />
- </a>
- </li>
- </ul>
-
- <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
- <div id="fsf-intro">
- <h3>
- <a href="http://u.fsf.org/ys">
- <img alt="Free Software Foundation"
- src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
- </a>
- </h3>
- <div class="fsf-emphasis">
- <p>
- 我们为计算机用户的权利而战,并促进自由软件的开发,对抗大规模监控对我们至关重要。
- </p>
- <p>
- <strong>
- 请捐款以支持电子邮件加密指南。我们会一直改进它,使其充实,for the benefit of people around the world taking the first step towards protecting their privacy.
- </strong>
- </p>
- </div>
-
- <p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a> </p>
-
- </div><!-- End #fsf-intro -->
-
- <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
- <div class="intro">
- <p>
- <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>大规模监控侵犯了我们的基本权利,并危及了言论自由。本指南将会教授你一个基本的监控自我保护技巧:加密电子邮件。一旦你学会了,你将能够收发其他人无法阅读的电子邮件,包括那些拦截你邮件的监控代理或窃贼。你需要的是一台带网络连接的计算机,一个电子邮箱账号,和大约四十分钟时间。</p>
-
- <p>即使你没有什么见不得人的事情,通过加密可以保护通信对方的隐私,并使大规模监控变得困难。如果你确实有重要的东西需要隐藏,那么你并不孤独;告密者们在揭发人权侵犯、腐败以及其他犯罪问题时,也是使用同样的工具保护他们身份的。</p>
-
- <p>除了使用加密技术,我们还需要坚持不懈地与监控作政治斗争,以减少政府<a href="http://gnu.org/philosophy/surveillance-vs-democracy.html">对我们的大量数据收集</a>。但重中之重是保护好你自己,使得监控你的通讯尽可能的困难。本指南将帮助你做到。它是为初学者设计的,但如果你已经掌握了 GnuPG 的基本知识,或你是一位资深自由软件用户,你会喜欢进阶提示与<a href="workshops.html">加密探讨会指南</a>。</p>
-
- </div><!-- End .intro -->
-
- </div>
- </header><!-- End #header -->
-
- <!-- ~~~~~~~~~ Section 1: Get the pieces ~~~~~~~~~ -->
- <section class="row" id="section1">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#1</em> 获取部件</h2>
- <p class="notes">本指南需要安装<a href="https://www.gnu.org/philosophy/free-sw.html">自由许可的</a>软件;它是完全透明的,任何人都可以复制它,并生成自己的版本。这使得它比专有软件(比如 Windows)更难受到监控。你可以在 <a href="https://u.fsf.org/ys">fsf.org</a> 上了解更多关于自由软件的信息。</p>
-
- <p>大多数 GNU/Linux 操作系统自带 GnuPG,所以你不必下载它。在配置 GnuPG 前,你需要安装 IceDove 电子邮件客户端。大多数 GNU/Linux 发行版已经安装好 IceDove 了,它可能是以别名 Thunderbird 出现在你的计算机中。电子邮件程序是另一种访问邮箱账号的途径(你也可以像 Gmail 那样通过浏览器访问),但它提供了更多的功能。</p>
- <p>如果你已经安装好了电子邮件程序,请跳至 <a href="#step-1b">Step 1.b</a>。</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 1.a</em> 设置邮箱账号</h3>
- <p>打开你的邮件程序,按照向导程序的提示逐步设置好你的邮箱账号。</p>
- <p>在设置你的账号时,留意服务器右侧的 SSL, TLS 或 STARTTLS 字样。如果你没有看到他们,你仍将有能力使用加密,但这意味着运行邮件系统的人以低于行业标准的规范保护着你的安全与隐私。我们建议你,向他们发送一份友好的邮件,要求他们为邮件服务器启用 SSL, TLS 或 STARTTLS。他们会知道你说的是什么,如果你不是系统安全的专家,这是一个值得的要求。</p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>向导程序没有启动</dt>
- <dd>你可以自行启动它,但不同邮件程序的菜单选项不尽相同。启动它的按钮在程序的主菜单里,“新建”或者类似的,标题类似于“添加账号”(Add account)或者“新建/已存在的邮箱账号”(New/Existing email account)。</dd>
- <dt>向导程序无法找到我的账号或是不下载我的邮件</dt>
- <dd>在你网上搜索前,我们建议你询问其他和你使用相同邮箱系统的人,以找出正确的设置。</dd>
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
- </div><!-- End .main -->
- </div><!-- End #step1-a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1b" class="step">
- <div class="sidebar">
- <ul class="images">
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png" alt="Step 1.B: Tools -> Add-ons" /></li>
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png" alt="Step 1.B: Search Add-ons" /></li>
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png" alt="Step 1.B: Install Add-ons" /></li>
- </ul>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 1.b</em> 安装 ENIGMAIL 插件</h3>
- <p>在邮件程序的菜单栏里,选择“附加组件”(Add-ons,它可能在工具选项里)。确认选上了左侧的“扩展”(Extensions)。看到了 Enigmail 吗?如果是,请跳过此步。</p>
- <p>如果没有,在右上方的搜索框里搜索“Enigmail”。你可以在这里获取到它。安装完成后重启邮件客户端。</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
-
- <dt>我找不到菜单</dt>
- <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
- <dt>我的邮件看起来很奇怪</dt>
- <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-1b .step -->
-
- </div>
- </section><!-- End #section1 -->
-
- <!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
- <section class="row" id="section2">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#2</em> 生成密钥</h2>
- <p>要使用 GnuPG 体系,你将会用到一把公钥(public key)和一把私钥(private key),他们合称为密钥对(keypair)。每一把都是随机生成的一长串数字和字母的值,它是独一无二的。你的公钥和私钥由一种特殊的数学函数联系在一起。</p>
-
- <p>你的公钥不太像现实中的钥匙,它公开储存在被称之为密钥服务器(keyserver)的在线目录上。人们可以下载使用它,借助 GnuPG,人们向你发送加密邮件。你可以把密钥服务器想象成一本电话簿;想要给你发送加密邮件的人能够找到你的公钥。</p>
-
- <p>你的私钥更像是现实中的钥匙,你需要自行保管它(在你的计算机中)。你可以使用 GnuPG 和你的私钥来解密他人发给你的加密邮件。<span style="font-weight: bold;">无论如何,你都不应该改向他人分享你的私钥。</span></p>
- <p>除了加密和解密,你可以使用这些密钥对消息进行签名,并检查其他人签名的真实性。我们将在下一节里详细探讨它。</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-2a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step2a-01-make-keypair.png" alt="Step 2.A: Make a Keypair" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 2.a</em> 生成密钥对</h3>
- <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
- <ul>
- <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”。</li>
- <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
- <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
- <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间,并要求掷骰子,但它能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
- </ul>
-
- <p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨识的模式,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
-
- <p class="notes">在“生成密钥”(Key Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
- <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
-
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>我找不到 Enigmail 菜单</dt>
- <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
-
- <dt>向导程序说它无法找到 GnuPG</dt>
- <dd>打开你常用来安装软件的程序,搜索 GnuPG,并安装它。通过 Enigmail → Setup Wizard 来重启 Enigmail 安装向导。</dd>
-
- <dt>我的邮件看起来很奇怪</dt>
- <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
-
- <dt>更多资源</dt>
- <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>。</dd>
-
-
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
-
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
-
-
- <dt>使用命令行生成密钥</dt>
- <dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少 2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
-
- <dt>Advanced key pairs</dt>
- <dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-2a .step -->
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-2b" class="step">
- <div class="main">
- <h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
- <p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
- <p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
- <p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>进度条一直没有结束</dt>
- <dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
- <dt>我的密钥没有显示在列表中</dt>
- <dd>尝试选中“默认显示全部密钥”。</dd>
- <dt>更多文档</dt>
- <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>。</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
-
- </dl>
- </div><!-- /.troubleshooting -->
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Uploading a key from the command line</dt>
- <dd>You can also upload your keys to a keyserver through the <a href="https://www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
-
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-2b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="terminology" class="step">
- <div class="main">
- <h3>什么是 GnuPG,OpenPGP?</h3>
- <p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP (Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或 GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
- </div><!-- End .main -->
- </div><!-- End #terminology.step-->
-
-
- </div>
- </section><!-- End #section2 -->
-
- <!-- ~~~~~~~~~ Section 3: Try it out ~~~~~~~~~ -->
- <section class="row" id="section3">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#3</em> 试一试</h2>
- <p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
-
- <!-- <p>NOTE: Edward is currently having some technical difficulties, so he may take a long time to respond, or not respond at all. We're sorry about this and we're working hard to fix it. Your key will still work even without testing with Edward.</p> -->
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png" alt="Try it out." /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 3.a</em> 向 Edward 发送你的公钥</h3>
- <p>这是与真人通信时你不需要做的特别一步。In your email program's menu, go to Enigmail → Key Management. You should see your key in the list that pops up. Right click on your key and select Send Public Keys by Email. This will create a new draft message, as if you had just hit the Write button.</p>
-
- <p>Address the message to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Put at least one word (whatever you want) in the subject and body of the email. Don't send yet.</p>
-
- <p>The lock icon in the top left should be yellow, meaning encryption is
- turned on. We want this first special message to be unencrypted, so
- click the icon once to turn it off. The lock should become grey, with a
- blue dot on it (to alert you that the setting has been changed from the
- default). Once encryption is off, hit Send.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide. Once he's responded, head to the next step. From here on, you'll be doing just the same thing as when corresponding with a real person.</p>
-
- <p>When you open Edward's reply, GnuPG may prompt you for your password before using your private key to decrypt it.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3b" class="step">
- <div class="main">
- <h3><em>Step 3.b</em> Send a test encrypted email</h3>
- <p>Write a new email in your email program, addressed to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Make the subject "Encryption test" or something similar and write something in the body.</p>
- <p>The lock icon in the top left of the window should be yellow, meaning encryption is on. This will be your default from now on.</p>
- <p class="notes">Next to the lock, you'll notice an icon of a pencil. We'll get to this in a moment.</p>
- <p>Click Send. Enigmail will pop up a window that says "Recipients not valid, not trusted or not found."</p>
-
- <p>To encrypt an email to Edward, you need his public key, so now you'll have Enigmail download it from a keyserver. Click Download Missing Keys and use the default in the pop-up that asks you to choose a keyserver. Once it finds keys, check the first one (Key ID starting with C), then select ok. Select ok in the next pop-up.</p>
-
- <p>Now you are back at the "Recipients not valid, not trusted or not found" screen. Check the box in front of Edward's key and click Send.</p>
-
- <p class="notes">Since you encrypted this email with Edward's public key, Edward's private key is required to decrypt it. Edward is the only one with his private key, so no one except him can decrypt it.</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>Enigmail can't find Edward's key</dt>
- <dd>Close the pop-ups that have appeared since you clicked Send. Make sure you are connected to the Internet and try again. If that doesn't work, repeat the process, choosing a different keyserver when it asks you to pick one.</dd>
- <dt>Unscrambled messages in the Sent folder</dt>
- <dd>Even though you can't decrypt messages encrypted to someone else's key, your email program will automatically save a copy encrypted to your public key, which you'll be able to view from the Sent folder like a normal email. This is normal, and it doesn't mean that your email was not sent encrypted.</dd>
- <dt>More resources</dt>
- <dd>If you're still having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">Enigmail's wiki</a>.</dd>
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Encrypt messages from the command line</dt>
- <dd>You can also encrypt and decrypt messages and files from the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference. The option --armor makes the encrypted output appear in the regular character set.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
-
- </div><!-- End .main -->
- </div><!-- End #step-3b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-headers_unencrypted" class="step">
- <div class="main">
- <h3><em>Important:</em> Security tips</h3>
- <p>Even if you encrypt your email, the subject line is not encrypted, so don't put private information there. The sending and receiving addresses aren't encrypted either, so a surveillance system can still figure out who you're communicating with. Also, surveillance agents will know that you're using GnuPG, even if they can't figure out what you're saying. When you send attachments, Enigmail will give you the choice to encrypt them or not, independent of the actual email.</p>
- </div><!-- End .main -->
- </div><!-- End #step-headers_unencrypted .step-->
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3c" class="step">
- <div class="main">
- <h3><em>Step 3.c</em> Receive a response</h3>
- <p>When Edward receives your email, he will use his private key to decrypt it, then use your public key (which you sent him in <a href="#step-3a">Step 3.A</a>) to encrypt his reply to you.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide.</p>
- <p>When you receive Edward's email and open it, Enigmail will automatically detect that it is encrypted with your public key, and then it will use your private key to decrypt it.</p>
- <p>Notice the bar that Enigmail shows you above the message, with information about the status of Edward's key.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3c .step -->
-
-
- <div id="step-3d" class="step">
- <div class="main">
- <h3><em>Step 3.d</em> Send a test signed email</h3>
- <p>GnuPG includes a way for you to sign messages and files, verifying that they came from you and that they weren't tampered with along the way. These signatures are stronger than their pen-and-paper cousins -- they're impossible to forge, because they're impossible to create without your private key (another reason to keep your private key safe).</p>
-
- <p>You can sign messages to anyone, so it's a great way to make people aware that you use GnuPG and that they can communicate with you securely. If they don't have GnuPG, they will be able to read your message and see your signature. If they do have GnuPG, they'll also be able to verify that your signature is authentic.</p>
-
- <p>To sign an email to Edward, compose any message to him and click the pencil icon next to the lock icon so that it turns gold. If you sign a message, GnuPG may ask you for your password before it sends the message, because it needs to unlock your private key for signing.</p>
-
- <p>With the lock and pencil icons, you can choose whether each message will be encrypted, signed, both, or neither.</p>
- </div>
- </div>
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3e" class="step">
- <div class="main">
- <h3><em>Step 3.e</em> Receive a response</h3>
- <p>When Edward receives your email, he will use your public key (which you sent him in <a href="#step-3a">Step 3.A</a>) to verify that your signature is authentic and the message you sent has not been tampered with.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide.</p>
-
- <p>Edward's reply will arrive encrypted, because he prefers to use encryption whenever possible. If everything goes according to plan, it should say "Your signature was verified." If your test signed email was also encrypted, he will mention that first.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3c .step -->
- </div>
- </section>
-
-
- <!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
- <section class="row" id="section4">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#4</em> Learn the Web of Trust</h2>
- <p>Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.</p>
-
- <p>When you sign someone's key, you are publicly saying that you've verified that it belongs to them and not someone else.</p>
-
- <p>Signing keys and signing messages use the same type of mathematical operation, but they carry very different implications. It's a good practice to generally sign your email, but if you casually sign people's keys, you may accidently end up vouching for the identity of an imposter.</p>
-
- <p>People who use your public key can see who has signed it. Once you've used GnuPG for a long time, your key may have hundreds of signatures. You can consider a key to be more trustworthy if it has many signatures from people that you trust. The Web of Trust is a constellation of GnuPG users, connected to each other by chains of trust expressed through signatures.</p>
-
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-4a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png" alt="Section 4: Web of Trust" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 4.a</em> Sign a key</h3>
- <p>In your email program's menu, go to Enigmail → Key Management.</p>
- <p>Right click on Edward's public key and select Sign Key from the context menu.</p>
- <p>In the window that pops up, select "I will not answer" and click ok.</p>
- <p>Now you should be back at the Key Management menu. Select Keyserver → Upload Public Keys and hit ok.</p>
- <p class="notes">You've just effectively said "I trust that Edward's public key actually belongs to Edward." This doesn't mean much because Edward isn't a real person, but it's good practice.</p>
-
-
- <!--<div id="pgp-pathfinder">
- <form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi" method="get">
- <p><strong>From:</strong> <input type="text" placeholder="xD41A008" name="FROM"></p>
- <p><strong>To:</strong> <input type="text" placeholder="50BD01x4" name="TO"></p>
- <p class="buttons"><input type="submit" value="trust paths" name="PATHS"> <input type="reset" value="reset" name=".reset"></p>
- </form>
- </div>End #pgp-pathfinder -->
-
- </div><!-- End .main -->
- </div><!-- End #step-4a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-identify_keys" class="step">
- <div class="main">
- <h3>Identifying keys: Fingerprints and IDs</h3>
- <p>People's public keys are usually identified by their key fingerprint, which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for Edward's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to Enigmail → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that people can double-check that they have the correct public key when they download yours from a keyserver.</p>
-
- <p class="notes">You may also see public keys referred to by their key ID, which is simply the last eight digits of the fingerprint, like C09A61E8 for Edward. The key ID is visible directly from the Key Management window. This key ID is like a person's first name (it is a useful shorthand but may not be unique to a given key), whereas the fingerprint actually identifies the key uniquely without the possibility of confusion. If you only have the key ID, you can still look up the key (as well as its fingerprint), like you did in Step 3, but if multiple options appear, you'll need the fingerprint of the person to whom you are trying to communicate to verify which one to use.</p>
-
- </div><!-- End .main -->
- </div><!-- End #step-sign_real_keys .step-->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="check-ids-before-signing" class="step">
- <div class="main">
- <h3><em>Important:</em> What to consider when signing keys</h3>
- <p>Before signing a person's key, you need to be confident that it actually belongs to them, and that they are who they say they are. Ideally, this confidence comes from having interactions and conversations with them over time, and witnessing interactions between them and others. Whenever signing a key, ask to see the full public key fingerprint, and not just the shorter key ID. If you feel it's important to sign the key of someone you've just met, also ask them to show you their government identification, and make sure the name on the ID matches the name on the public key. In Enigmail, answer honestly in the window that pops up and asks "How carefully have you verified that the key you are about to sign actually belongs to the person(s) named above?"
-</p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Master the Web of Trust</dt>
- <dd>Unfortunately, trust does not spread between users the way <a href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">many people think</a>. One of best ways to strengthen the GnuPG community is to deeply <a href="https://www.gnupg.org/gph/en/manual/x334.html">understand</a> the Web of Trust and to carefully sign as many people's keys as circumstances permit.</dd>
- <dt>Set ownertrust</dt>
- <dd>If you trust someone enough to validate other people's keys, you can assign them an ownertrust level through Enigmails's key management window. Right click on the other person's key, go to the "Select Owner Trust" menu option, select the trustlevel and click OK. Only do this once you feel you have a deep understanding of the Web of Trust.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
-
- </div><!-- End #step-sign_real_keys .step-->
-
-
- </div>
- </section><!-- End #section4 -->
-
- <!-- ~~~~~~~~~ Section 5: Use it well ~~~~~~~~~ -->
- <section id="section5" class="row">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#5</em> Use it well</h2>
- <p>Everyone uses GnuPG a little differently, but it's important to follow some basic practices to keep your email secure. Not following them, you risk the privacy of the people you communicate with, as well as your own, and damage the Web of Trust.</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png" alt="Section 5: Use it Well (1)" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>When should I encrypt? When should I sign?</h3>
-
- <p>The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start. That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.</p>
- <p>Unless you don't want to reveal your own identity (which requires other protective measures), there's no reason not to sign every message, whether or not you are encrypting. In addition to allowing those with GnuPG to verify that the message came from you, signing is a non-intrusive way to remind everyone that you use GnuPG and show support for secure communication. If you often send signed messages to people that aren't familiar with GnuPG, it's nice to also include a link to this guide in your standard email signature (the text kind, not the cryptographic kind).</p>
-
- </div><!-- End .main -->
- </div><!-- End #step-5a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5b" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png" alt="Section 5: Use it Well (2)" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>Be wary of invalid keys</h3>
- <p>GnuPG makes email safer, but it's still important to watch out for invalid keys, which might have fallen into the wrong hands. Email encrypted with invalid keys might be readable by surveillance programs.</p>
- <p>In your email program, go back to the first encrypted email that Edward sent you. Because Edward encrypted it with your public key, it will have a message from Enigmail at the top, which most likely says "Enigmail: Part of this message encrypted."</p>
- <p><b>When using GnuPG, make a habit of glancing at that bar. The program will warn you there if you get an email encrypted with a key that can't be trusted.</b></p>
- </div><!-- End .main -->
- </div><!-- End #step-5b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5c" class="step">
- <div class="main">
- <h3>Copy your revocation certificate to somewhere safe</h3>
- <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home, not on a device you carry with you regularly.</p>
- <p>If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.</p>
- </div><!-- End .main -->
- </div><!-- End #step-5c .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-lost_key" class="step">
- <div class="main">
- <h3><em>Important:</em> act swiftly if someone gets your private key</h3>
- <p>If you lose your private key or someone else gets ahold of it (say, by stealing or cracking your computer), it's important to revoke it immediately before someone else uses it to read your encrypted email or forge your signature. This guide doesn't cover how to revoke a key, but you can follow these <a href="https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/">instructions</a>. After you're done revoking, make a new key and send an email to everyone with whom you usually use your key to make sure they know, including a copy of your new key.</p>
- </div><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <!---<div id="transfer-key" class="step">
- <div class="main">
- <h3>Transferring you key</h3>
- <p>You can use Enigmail's <a href="https://www.enigmail.net/documentation/keyman.php">key management window</a> to import and export keys. If you want to be able to read your encrypted email on a different computer, you will need to export your secret key from here. Be warned, if you transfer the key without <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a> the drive it's on the transfer will be dramatically less secure.</p>
- </div>--><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
-
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="webmail-and-GnuPG" class="step">
- <div class="main">
- <h3>Webmail and GnuPG</h3>
- <p>When you use a web browser to access your email, you're using webmail, an email program stored on a distant website. Unlike webmail, your desktop email program runs on your own computer. Although webmail can't decrypt encrypted email, it will still display it in its encrypted form. If you primarily use webmail, you'll know to open your email client when you receive a scrambled email.</p>
- </div><!-- End .main -->
- </div><!-- End #webmail-and-GnuPG .step-->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
- <div id="step-5d" class="step">
- <div class="main">
- <h3>Make your public key part of your online identity</h3>
- <p> First add your public key fingerprint to your email signature, then compose an email to at least five of your friends, telling them you just set up GnuPG and mentioning your public key fingerprint. Link to this guide and ask them to join you. Don't forget that there's also an awesome <a href="infographic.html">infographic to share.</a></p>
-
- <p class="notes">Start writing your public key fingerprint anywhere someone would see your email address: your social media profiles, blog, Website, or business card. (At the Free Software Foundation, we put ours on our <a href="https://fsf.org/about/staff">staff page</a>.) We need to get our culture to the point that we feel like something is missing when we see an email address without a public key fingerprint.</p>
- </div>--><!-- End .main
-</div> End #step-5d .step-->
-
-</section><!-- End #section5 -->
-
-
-
-<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
+<li><a
+href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span
+style="color: #2F5FAA;">Translate!</span></strong></a></li>
+</ul>
+
+<ul id="menu" class="os">
+<li class="spacer"><a href="index.html" class="current">GNU/Linux</a></li>
+<li><a href="mac.html">Mac OS</a></li>
+<li><a href="windows.html">Windows</a></li>
+<li class="spacer"><a href="workshops.html">研讨会</a></li>
+<li class="spacer"><a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption
+for everyone via %40fsf"> Share
+<img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class="share-logo"
+alt="[GNU Social]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png" class="share-logo"
+alt="[Pump.io]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class="share-logo"
+alt="[Reddit]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class="share-logo"
+alt="[Hacker News]" /></a></li>
+</ul>
+
+
+<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
+<div id="fsf-intro">
+
+<h3><a href="http://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
+</a></h3>
+
+<div class="fsf-emphasis">
+
+<p>我们为计算机用户的权利而战,并促进自由软件的发展,对抗大规模监控对我们至关重要。</p>
+
+<p><strong>请捐款以支持电子邮件加密指南。我们会一直改进它,使其充实,迈出保护自己隐私的第一步是人人受益的。</strong></p>
+
+</div>
+
+<p><a
+href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img
+alt="捐款"
+src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a></p>
+
+</div>
+
+
+<!-- End #fsf-intro -->
+<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
+<div class="intro">
+
+<p><a id="infographic" href="infographic.html"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png"
+alt="查看并分享我们的信息图" /></a>
+大规模监控侵犯了我们的基本权利,并危及了言论自由。本指南将会教授你一个基本的监控自我保护技巧:加密电子邮件。一旦你学会了,你将能够收发其他人(包括那些拦截你邮件的监控代理或窃贼)无法阅读的电子邮件。你需要的是一台带网络连接的计算机,一个电子邮箱账号和大约四十分钟时间。</p>
+
+<p>即使你没有什么见不得人的事情,通过加密可以保护通信对方的隐私,并使大规模监控系统变得难以运作。如果你确实有重要的东西需要隐藏,那么你并不孤独;告密者们在揭发人权侵犯、腐败以及其他犯罪问题时,也是使用同样的工具保护他们身份的。</p>
+
+<p>除了使用加密技术,我们还需要坚持不懈地与监控作政治斗争,以减少政府<a
+href="http://gnu.org/philosophy/surveillance-vs-democracy.html">对我们的大量数据收集</a>。但重中之重是保护好你自己,使得监控你的通讯尽可能的困难。本指南将帮助你做到。它是为初学者设计的,但如果你已经掌握了
+GnuPG 的基本知识,或你是一位资深自由软件用户,你会喜欢进阶提示与<a href="workshops.html">加密探讨会指南</a>。</p>
+
+</div>
+<!-- End .intro -->
+</div></header>
+
+
+<!-- End #header -->
+<!-- ~~~~~~~~~ Section 1: Get the pieces ~~~~~~~~~ -->
+<section class="row" id="section1"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#1</em> 获取部件</h2>
+
+<p class="notes">本指南依赖于<a
+href="https://www.gnu.org/philosophy/free-sw.html">自由许可</a>的软件;它是完全透明的,任何人都可以复制它,制作自己的版本。这使得它比专有软件(比如
+Windows)来的更安全。你可以在 <a href="https://u.fsf.org/ys">fsf.org</a>
+上了解更多有关自由软件的信息。</p>
+
+<p>大多数 GNU/Linux 操作系统自带 GnuPG,所以你不必下载它。在配置 GnuPG 前,你需要安装 IceDove 桌面电子邮件程序。大多数
+GNU/Linux 发行版已经安装好 IceDove 了,它可能是以别名 Thunderbird
+出现在你的计算机中。电子邮件程序是另一种访问邮箱账号的途径(你也可以像 Gmail 那样通过浏览器访问),但它提供了更多的功能。</p>
+
+<p>如果你已经有了电子邮件程序,你可以跳至 <a href="#step-1b">Step 1.b</a>。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png"
+alt="Step 1.A: 安装向导" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 1.a</em> 配置电子邮件帐号</h3>
+
+<p>打开你的邮件程序,按照向导程序的提示逐步设置好你的邮箱账号。</p>
+
+<p>在配置你的账号时,留意服务器右侧的 SSL, TLS 或 STARTTLS
+字样。如果你没有看到他们,你仍将有能力使用加密,但这意味着运行邮件系统的人以低于行业标准的规范保护着你的安全与隐私。我们建议你,向他们发送一份友好的邮件,要求他们为邮件服务器启用
+SSL, TLS 或 STARTTLS。他们会知道你说的是什么,如果你不是系统安全的专家,这是一个值得的请求。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>向导程序没有启动</dt>
+<dd>你可以自行启动它,但不同邮件程序的菜单选项不尽相同。启动它的按钮在程序的主菜单里,“新建”或者类似的,标题类似于“添加账号”(Add
+account)或者“新建/已存在的邮箱账号”(New/Existing email account)。</dd>
+
+<dt>向导程序没有找到我的账号或者不在下载我的邮件</dt>
+<dd>在网上搜索解决方案之前,我们建议你问问你身边使用相同邮件系统的人,以检查设置是否正确。</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step1-a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1b" class="step">
+<div class="sidebar">
+<ul class="images">
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png"
+alt="Step 1.B: 工具 -> 附加组件" /></li>
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png"
+alt="Step 1.B: 搜索附加组件" /></li>
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png"
+alt="Step 1.B: 安装附加组件" /></li>
+</ul>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 1.b</em> 安装 ENIGMAIL 扩展</h3>
+
+<p>在邮件程序的菜单栏里,选择“附加组件”(Add-ons,它可能在工具选项里)。确认选上了左侧的“扩展”(Extensions)。看到了 Enigmail
+吗?如果是,请跳过此步。</p>
+
+<p>如果没有,在右上方的搜索框里搜索“Enigmail”。你可以在这里获取到它。安装完成后重启邮件客户端。</p>
+
+<p>在 GnuPG 2.2.8 和 Engmail 2.0.7 前的版本存在重大安全漏洞。请确保安装的是 GnuPG 2.2.8 和 Engmail
+2.0.7 及其之后的版本。</p>
+
+<p>请注意:2018年6月18日,GnuPG 2.2.8 在 Debian stable 和 testing 中不可用。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>我找不到菜单。</dt>
+<dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
+
+<dt>我的电子邮件看起来很奇怪</dt>
+<dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的
+HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-1b .step -->
+</div></section>
+
+
+<!-- End #section1 -->
+<!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
+<section class="row" id="section2"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#2</em> 生成密钥</h2>
+
+<p>要使用 GnuPG 体系,你将会用到一把公钥(public key)和一把私钥(private
+key),他们合称为密钥对(keypair)。每一把都是随机生成的一长串数字和字母的值,它是独一无二的。你的公钥和私钥是由一种特殊的数学函数联系在一起。</p>
+
+<p>你的公钥不太像现实中的钥匙,它公开储存在被称之为密钥服务器(keyserver)的在线目录上。人们可以下载使用它,借助
+GnuPG,人们向你发送加密邮件。你可以把密钥服务器想象成一本电话簿;想要给你发送加密邮件的人能够找到你的公钥。</p>
+
+<p>你的私钥更像是现实中的钥匙,你需要自行保管它(在你的计算机中)。你可以使用 GnuPG 和你的私钥来解密他人发给你的加密邮件。<span
+style="font-weight: bold;">无论如何,你都不应该改向他人分享你的私钥。</span></p>
+
+<p>除了加密和解密,你可以使用这些密钥对消息进行签名,并检查其他人签名的真实性。我们将在下一节里详细探讨它。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-2a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step2a-01-make-keypair.png"
+alt="Step 2.A: 生成密钥对" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 2.a</em> 生成密钥对</h3>
+
+<p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup
+Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
+
+<ul>
+<li>在“加密”(Encryption)界面,选中“默认加密我的所有消息,因为隐私对我很重要”。</li>
+
+<li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
+
+<li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
+
+<li>On the screen titled "Create Key," pick a strong password! You can do it
+manually, or you can use the Diceware method. Doing it manually is faster
+but not as secure. Using Diceware takes longer and requires dice, but
+creates a password that is much harder for attackers figure out. To use it,
+read the section "Make a secure passphrase with Diceware" in <a
+href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">
+this article</a> by Micah Lee.</li>
+</ul>
+
+<p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨认的规律,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
+
+<p class="notes">在“生成密钥”(Key
+Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
+
+<p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中
+Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation
+Certificate [吊销证书]的目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a
+href="#section5">Section 5</a> 了解到更多信息。</span></p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>我找不到 Enigmail 菜单。</dt>
+<dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
+
+<dt>向导程序无法找到 GnuPG</dt>
+<dd>打开你常用来安装软件的程序,搜索 GnuPG,并安装它。通过 Enigmail → Setup Wizard 来重启 Enigmail 安装向导。</dd>
+
+<dt>我的电子邮件看起来很奇怪</dt>
+<dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的
+HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
+
+<dt>更多资源</dt>
+<dd>If you're having trouble with our instructions or just want to learn more,
+check out <a
+href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">
+Enigmail's wiki instructions for key generation</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行生成密钥</dt>
+<dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a
+href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy
+Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少
+2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
+
+<dt>Advanced key pairs</dt>
+<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption
+function from the signing function through <a
+href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys
+carefully, you can keep your GnuPG identity much more secure and recover
+from a compromised key much more quickly. <a
+href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex
+Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the
+Debian wiki</a> provide good guides for setting up a secure subkey
+configuration.</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-2a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-2b" class="step">
+<div class="main">
+
+<h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
+
+<p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
+
+<p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
+
+<p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>进度条一直没有结束</dt>
+<dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
+
+<dt>我的密钥没有显示在列表中</dt>
+<dd>尝试选中“默认显示全部密钥”。</dd>
+
+<dt>更多文档</dt>
+<dd>If you're having trouble with our instructions or just want to learn more,
+check out <a
+href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">
+Enigmail's documentation</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行上传公钥</dt>
+<dd>你也可以通过<a
+href="https://www.gnupg.org/gph/en/manual/x457.html">命令行</a>上传公钥到密钥服务器。<a
+href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a>
+维护着一个高度相互连接的密钥服务器列表。你也可以<a
+href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">直接导出公钥</a>文件到你的计算机中。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-2b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="terminology" class="step">
+<div class="main">
+
+<h3>什么是 GnuPG,OpenPGP?</h3>
+
+<p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP
+(Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或
+GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #terminology.step-->
+</div></section>
+
+
+<!-- End #section2 -->
+<!-- ~~~~~~~~~ Section 3: Try it out ~~~~~~~~~ -->
+<section class="row" id="section3"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#3</em> 试一试</h2>
+
+<p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
+
+
+<!-- <p>
+NOTE: Edward is currently having some technical difficulties, so he
+may take a long time to respond, or not respond at all. We're sorry about
+this and we're working hard to fix it. Your key will still work even without
+testing with Edward.</p> -->
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png"
+alt="来试试" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 3.a</em> 向爱德华发送你的公钥</h3>
+
+<p>这一步很特别,因为你和真人通信时不需要做。在你的邮件程序菜单中,找到 Enigmail → Key
+Management。你应当看到你的密钥在弹窗的列表中。在你的密钥处右键,选择“通过邮件发送公钥”。这会创建一封草稿消息,就好像你点击了“撰写”按钮。</p>
+
+<p>收信人地址填写 <a
+href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>。在邮件主题栏和正文里任意撰写内容。先别发送。</p>
+
+<p>左上方的锁形图标应当是黄色的,这意味着加密已经启用。我们需要这第一封特别的邮件是未经加密的,因此需要单击图标让它关闭。此时锁形图标会变成灰色,并带有小蓝点(以提醒你默认设置已发生改变)。加密关闭后,点击发送。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a
+href="#section5">善用加密</a>章节。爱德华回复后,继续下面的步骤。从这里开始,你所要做的与真人通信时相同。</p>
+
+<p>你打开爱德华回复的邮件,在使用私钥解密消息时,GnuPG 可能会弹窗要求输入密码。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3b" class="step">
+<div class="main">
+
+<h3><em>Step 3.b</em> 发送一封测试加密邮件</h3>
+
+<p>在你的邮件程序中写一封新的邮件,收信人地址填写 <a
+href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>。在主题中填写“加密测试”或类似的词语,并在正文中写一些内容。</p>
+
+<p>窗口左上放的锁形图标应当是黄色的,这意味着加密已启用。这会是你今后的默认设置。</p>
+
+<p class="notes">紧挨这锁形,你会注意带一个铅笔图标。我们马上就会用到它。</p>
+
+<p>点击发送。Enigmail 会弹出窗口提示“收件人不合法,不受信任或未找到。”</p>
+
+<p>要给爱德华发送加密邮件,你需要他的公钥,接下来你要 Enigmail
+从密钥服务器下载它。点击“下载缺失的密钥”,并使用默认的密钥服务器。一旦它找到公钥后,选择第一支密钥(以 C 开头的 Key
+ID),并确定。在下一个弹窗中选择确定。</p>
+
+<p>现在你返回“收件人不合法,不受信任或未找到”界面,查看爱德华公钥的窗口,点击发送。</p>
+
+<p class="notes">因为你使用了爱德华的公钥加密邮件,解密则就要求爱德华的私钥。只有爱德华自己有它的私钥,因此除了他,没人能解密消息。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>Enigmail 无法找到爱德华的公钥</dt>
+<dd>关闭点击发送时的弹窗,确保你已经连接上因特网并再试一次。如果仍然无效,重复此过程,选择其他密钥服务器。</dd>
+
+<dt>已发送文件夹中解密的消息</dt>
+<dd>即便你无法解密用其他人公钥加密过的消息,你的邮件程序会自动用你的公钥保存一份副本,这就使得你能够在已发送文件夹像查看普通邮件一样查看它。这是正常的,它并不代表你已发的邮件没有被加密。</dd>
+
+<dt>更多资源</dt>
+<dd>If you're still having trouble with our instructions or just want to learn
+more, check out <a
+href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">
+Enigmail's wiki</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行加密消息</dt>
+<dd>如果你喜欢,你也可以用<a
+href="https://www.gnupg.org/gph/en/manual/x110.html">命令行</a>加解密消息和文件。命令开关
+--armor 能够使加密输出显示为常规字符集。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-headers_unencrypted" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 安全提示</h3>
+
+<p>即便你加密了邮件,主题行是不受加密的,因此不要在那里填写私人信息。发送人和接收人的邮件地址也是不经过加密的,因此监控系统可以辨识出你在和谁通信。同时,监控代理将会知道你使用了
+GnuPG,即便不知道你说了什么。当你发送附件时,Enigmail 会让你选择加密与否,它是独立于真实邮件的。</p>
+
+<p>防范潜在的攻击有着更好的安全优势,你可以关闭 HTML 格式,转而使用纯文本作为正文。在 Thunderbird 中,到 View >
+Message Body As > Plain Text 可以做到这一点。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-headers_unencrypted .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3c" class="step">
+<div class="main">
+
+<h3><em>Step 3.c</em> 接收回信</h3>
+
+<p>当爱德华收到你的邮件,他会使用他的私钥去解密消息,接下里使用你的公钥(你在 <a href="#step-3a">Step 3.A</a>
+发给他了)加密他给你的回复。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a href="#section5">善用加密</a>章节。</p>
+
+<p>当你接收爱德华的邮件并打开它时,Enigmail 会自动检测它是否使用你的公钥加密的,接下来使用你的私钥解密消息。</p>
+
+<p>消息上方的通知条显示爱德华公钥状态的信息。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3c .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3d" class="step">
+<div class="main">
+
+<h3><em>Step 3.d</em> 发送一封测试签名邮件</h3>
+
+<p>GnuPG
+提供了对消息或文件签名的方式,验证它们的确来自于你,并且一直未被篡改。这些签名比笔头签名更强有力——前者是无法被伪造的,因为没有你的私钥就无法签名(这是另一个保护私钥安全的原因)。</p>
+
+<p>你可以向任何人签名消息,因此让安全通信的对方意识到你在使用 GnuPG,是个不错的主意。如果他们没有
+GnuPG,他们仍将有能力阅读你的消息并查看你的签名。如果他们有,他们将有能力验证你签名的真实性。</p>
+
+<p>要想对爱德华的邮件签名,并撰写一些消息给他,点击紧邻锁形图标的铅笔图标,它会变成金黄色。你要是对消息签名,GnuPG
+可能会在你点击发送消息钱询问你密码,这是因为签名需要解锁私钥。</p>
+
+<p>锁形和铅笔图标能够让你对每封消息选择加密、签名、两者都要或者都不要。</p>
+
+</div>
+</div>
+
+
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3e" class="step">
+<div class="main">
+
+<h3><em>Step 3.e</em> 接收回信</h3>
+
+<p>当爱德华收到你的邮件,他将会使用你的公钥(你在 <a href="#step-3a">Step
+3.A</a>发给他了)去验证你签名的真实性,以及你发送的消息未经篡改。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a href="#section5">善用加密</a>章节。</p>
+
+<p>爱德华的回复回事加密的,因为只要有可能他就会使用加密。如果按计划进行,他会回复“你的签名是已被验证”。如果你的测试签名邮件也是加密的,他会优先提及。</p>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-3e .step -->
+</div></section>
+
+
+<!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
+<section class="row" id="section4"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#4</em> 了解信任网</h2>
+
+<p>邮件加密是一种强有力的技术,但它有弱点;它要求验证某人的公钥的的确确是属于他的。否则,无法阻止攻击者使用你朋友姓名和邮件地址,生成密钥,进行冒充。这就是为什么自由软件的程序员开发出密钥签名(keysigning)和信任网(the
+Web of Trust)。</p>
+
+<p>当你签署了某人的公钥,相当于你公开声称这把公钥经过你验证是属于他们的,而不是其他人。</p>
+
+<p>签署密钥和消息签名使用了同种类型的数学运算,但有着不同的含义。通常,对自己邮件进行签名是良好的实践,但随意签署别人的公钥,你可能最终会意外地为冒充者做了担保。</p>
+
+<p>拥有你的公钥的人可以看到谁签署了此公钥。长期使用 GnuPG
+后,你的密钥可能有数百支签名。你可以认为,公钥上你信任的人的签名越多,那么这只公钥越可信。信任网是 GnuPG
+用户的聚集地,他们用签名传递着信任链,连接彼此。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-4a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png"
+alt="Section 4: 信任网" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 4.a</em> 签署密钥</h3>
+
+<p>在邮件程序菜单中,选择 Enigmail → Key Management。</p>
+
+<p>爱德华公钥处右键,在上下文菜单中选中“签署密钥”。</p>
+
+<p>在弹窗中,选中“我不会回应”并点击确定。</p>
+
+<p>现在你返回 Key Management 菜单。选择 Keyserver → Upload Public Keys 并点击确定。</p>
+
+<p class="notes">你刚刚有力地表达了“我信任爱德华的公钥,它的确属于爱德华”。由于爱德华是一个机器人,这对它并不意味着什么,但这是一个好的实践。</p>
+
+
+<!--<div id="pgp-pathfinder">
+
+
+<form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi"
+method="get">
+
+<p><strong>From:</strong><input type="text" value="xD41A008"
+name="FROM"></p>
+
+<p><strong>To:</strong><input type="text" value="50BD01x4" name="TO"></p>
+
+<p class="buttons"><input type="submit" value="trust paths" name="PATHS"><input
+type="reset" value="reset" name=".reset"></p>
+
+</form>
+
+</div>End #pgp-pathfinder -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-4a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-identify_keys" class="step">
+<div class="main">
+
+<h3>验证密钥:指纹和 ID</h3>
+
+<p>人们的公钥通常是由他们密钥指纹确定的,它是像 F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8
+(爱德华的密钥)的数字串。通过在你邮件程序菜单 Enigmail → Key Management
+,在密钥上右键密钥属性,你能看到你的公钥以及计算机上其他公钥的指纹。在告诉他人你邮箱地址的同时,分享你的指纹是一个不错的实践,这样人们可以在从服务器下载你公钥的时候,再次检查下载的公钥是否正确。</p>
+
+<p class="notes">你可能已经看到有人使用短 key ID 表示公钥。Key Management 窗口中,你可以直接看到 key
+ID。这八位字符曾经用于表示身份,现已经不再安全可靠。你需要检查完整的指纹,以验证你确实拥有通信对方正确的密钥。不幸的是,有意生成两个指纹后八位一样的密钥,这种欺诈是很常见的。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-identify_keys .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="check-ids-before-signing" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 签署密钥时需要考虑什么</h3>
+
+<p>在签署密钥前,你需要确认密钥的确是属于他的,的的确确是声称是自己的那个人。这种确信来自逐步地沟通交流,以及目睹了他与其他人的交流过程。任何时候签署密钥都应该要求查看完整的公钥指纹,而不只是短
+key ID。如果你认为所要签署人的公钥相当重要,可以要求他出示身份证明,确保身份证上的姓名与公钥的姓名相符。在 Enigmail
+里,诚实地回答弹出窗口问题“你对签署的公钥确实属于那个名字的人,验证的严格程度?”</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>精通信任网</dt>
+<dd>不幸地是,信任并不是像<a
+href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">大多数人想象的</a>那样在用户之间传递。深入<a
+href="https://www.gnupg.org/gph/en/manual/x334.html">理解</a>信任网是如何运作的,并在条件允许的情况下,谨慎地对尽可能多的人的密钥进行签名,是增强
+GnuPG 社区的最佳方式。</dd>
+
+<dt>设置信任级</dt>
+<dd>如果你对某人的信任足够验证其他人的密钥,你可以在 Enigmail 的 Key management
+窗口中,为他们指派一个信任级(ownertrust)级别。在其他人密钥处右键,选中“选择信任级”(Select Owner
+Trust)菜单选项,选择信任级,并点击确定。在充分理解信任网的前提下,完成这一步。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+<!-- End #check-ids-before-signing .step-->
+</div></section>
+
+
+<!-- End #section4 -->
+<!-- ~~~~~~~~~ Section 5: Use it well ~~~~~~~~~ -->
+<section id="section5" class="row"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#5</em> 善用加密</h2>
+
+<p>每个人使用 GnuPG 方法不尽相同,遵循一些基本的实践是保护邮件安全的重要方式。一旦不遵守,你便是拿着通信双方的隐私做冒险,并且危及信任网。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png"
+alt="Section 5: 善用加密(1)" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>何时该加密?何时该签名?</h3>
+
+<p>加密消息是多多益善的。如果你只是偶然加密邮件,每封的加密消息就像是为监控系统竖红旗。如果全部邮件都是加密的,做监控的人不会知道哪封是开始——这不是说加密部分邮件毫无帮助——使大规模监控变得困难是重要的开头。</p>
+
+<p>除非你不想暴露身份(这还要求其他保护措施),没有理由不对每封信签名,无论是否加密。除了允许 GnuPG
+验证消息确实来自于你,签名是一种非侵入式的方式,提醒别人你在使用 GnuPG,并对支持安全的通信表示支持。如果你经常给不熟悉 GnuPG
+的人发送签名消息,在你的标准邮件签名(the text kind, not the cryptographic kind)中附上本指南的链接将会不错。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5b" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png"
+alt="Section 5: 善用加密(2)" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>警惕非法密钥</h3>
+
+<p>GnuPG 能够是的邮件更安全,但仍要小心非法密钥,它可能导致消息落入坏人之手。非法密钥加密的邮件可能可以被监控程序读取。</p>
+
+<p>在你的邮件程序里,回到爱德华发给你的第一封加密邮件。因为爱德华用你的公钥加密了它,Enigmail
+的上方会有一条消息,它可能是这样写的:“Enigmail:消息部分已加密”。</p>
+
+<p><b>使用 GnuPG 时,要养成看通知条的习惯。如果你收到的邮件是用不受信任的密钥签名的,程序会提醒你。</b></p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5c" class="step">
+<div class="main">
+
+<h3>备份吊销证书到安全的地方</h3>
+
+<p>还记得你是何时生成密钥和保存 GnuPG
+生成的吊销证书的吗?是时候将证书复制到安全的数字储存设备上——理想的地方是闪存盘,磁盘或者硬盘,他们存放在家中安全的地方——而不是你随身携带的设备。</p>
+
+<p>如果你的私钥丢失或被盗,你需要这张证书文件以让人们知晓,你不再使用这对密钥对了。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5c .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-lost_key" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 如果有人得到了你的私钥,要迅速行动</h3>
+
+<p>要是你丢失了私钥或是有人得到了它(这是说,你的计算机被偷或者被黑)。在其他人使用你私钥阅读你的加密邮件或是伪造签名前,立即吊销它显得格外重要。本指南不包含如何吊销密钥,但你可以遵循这些<a
+href="https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/">指示</a>。在你吊销完成后,生成新的密钥对,并给所有使用你的密钥的人发送邮件,并附上新密钥的拷贝,确保他们知道发生了什么。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+
+
+
+<!-- End #step-lost_key .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<!---<div id="transfer-key" class="step">
+
+<div class="main">
+
+<h3>Transferring you key</h3>
+
+<p>You can use Enigmail's <a
+href="https://www.enigmail.net/documentation/keyman.php">key management
+window</a> to import and export keys. If you want to be able to read
+your encrypted email on a different computer, you will need to export
+your secret key from here. Be warned, if you transfer the key without <a
+href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a>
+the drive it's on the transfer will be dramatically less secure.</p>
+
+</div>-->
+<!-- End .main
+</div>
+ End #transfer-key .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="webmail-and-GnuPG" class="step">
+<div class="main">
+
+<h3>网页邮箱和 GnuPG</h3>
+
+<p>当你使用网页浏览器获取你的邮件,那么你使用的是网页邮箱(webmail),它是一个直接存放在网站的电子邮件程序。和网页邮箱不同,你的桌面邮件程序是运行在你自己的计算机上。即使网页邮箱无法解密加密过的邮件,它仍然会以加密形式显示出来。如果你常用的是网页邮箱,当你收到一封混乱的电子邮件时,你应当知道去打开你的电子邮件客户端。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #webmail-and-GnuPG .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
+<div id="step-5d" class="step">
+
+<div class="main">
+
+<h3>Make your public key part of your online identity</h3>
+
+<p> First add your public key fingerprint to your email signature, then
+compose an email to at least five of your friends, telling them you just
+set up GnuPG and mentioning your public key fingerprint. Link to this guide
+and ask them to join you. Don't forget that there's also an awesome <a
+href="infographic.html">infographic to share.</a></p>
+
+<p class="notes">Start writing your public key fingerprint anywhere someone
+would see your email address: your social media profiles, blog, Website,
+or business card. (At the Free Software Foundation, we put ours on our
+<a href="https://fsf.org/about/staff">staff page</a>.) We need to get our
+culture to the point that we feel like something is missing when we see an
+email address without a public key fingerprint.</p>
+
+</div>-->
+<!-- End .main
+</div>
+ End #step-5d .step-->
+</div></section>
+
+
+<!-- End #section5 -->
+<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
<section class="row" id="section6">
- <div id="step-click_here" class="step">
- <div class="main">
- <h2><a href="next_steps.html">Great job! Check out the next steps.</a></h2>
+<div id="step-click_here" class="step">
+<div class="main">
+
+<h2><a href="next_steps.html">很不错!继续查看下一步。</a></h2>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-click_here .step-->
+</section>
- </div><!-- End .main -->
- </div><!-- End #step-click_here .step-->
-</section><!-- End #section6 -->
-<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
+
+
+<!-- End #section6 -->
+<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
<!-- When un-commenting this section go to main.css and search
for /* Guide Sections Background */ then add #faq to the desired color
-
<section class="row" id="faq">
<div>
<div class="sidebar">
+
<h2>FAQ</h2>
-</div>
+</div>
<div class="main">
+
<dl>
<dt>My key expired</dt>
<dd>Answer coming soon.</dd>
<dt>Who can read encrypted messages? Who can read signed ones?</dt>
<dd>Answer coming soon.</dd>
-<dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
+<dt>My email program is opening at times I don't want it to open/is now my
+default program and I don't want it to be.</dt>
<dd>Answer coming soon.</dd>
</dl>
+
</div>
</div>
-</section> --><!-- End #faq -->
-
-<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
-<footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
+</section> -->
+<!-- End #faq -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>The images on this page are under a <a
+href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
+Attribution 4.0 license (or later version)</a>, and the rest of it is under
+a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
+Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+available under the GNU Affero General Public License. <a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
+licenses?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
- <p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
- <p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
+</div>
- <p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
- <p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
-</footer><!-- End #footer -->
-<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
-<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+<!-- End #footer -->
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
<!-- Piwik -->
-<script type="text/javascript" >
-// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
try {
piwikTracker.enableLinkTracking();
} catch( err ) {}
// @license-end
-</script><noscript><p><img src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0" alt="" /></p></noscript>
-<!-- End Piwik Tracking Code -->
-
-
+-->
+</script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
+<!-- End Piwik Tracking Code -->
</body>
</html>
<!DOCTYPE html>
<html lang="zh-Hans">
- <head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
-
- <title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
- <meta name="keywords" content="GnuPG, GPG, privacy, email, Enigmail" />
- <meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG." />
-
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
-
- </head>
- <body>
-
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
-
- <header class="row centered" id="header">
- <div>
- <p class="back">← Read the <a href="index.html">full guide</a></p>
- <h3>
- <a href="https://fsf.org/share?u=https://u.fsf.org/zc&t=How public-key encryption works. Infographic via %40fsf">
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
- class="share-logo" alt="[Reddit]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
- class="share-logo" alt="[Hacker News]" />
- Share our infographic
- </a>
- with the hashtag #EmailSelfDefense
- </h3>
-
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/full-infographic.png" alt="View & share our infographic" /></p>
- <p class="back">← Read the <a href="index.html">full guide</a></p>
- </div>
- </header><!-- End #header -->
-
- <!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
- <footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
-
- <p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
- <p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
-
- <p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
-
- <p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
- </footer><!-- End #footer -->
- <script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
- <script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
-
- <!-- Piwik -->
- <script type="text/javascript">
- /*
- @licstart The following is the entire license notice for the
- JavaScript code in this page.
-
- Copyright 2014 Matthieu Aubry
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see http://www.gnu.org/licenses/.
-
- @licend The above is the entire license notice
- for the JavaScript code in this page.
- */
- var _paq = _paq || [];
- _paq.push(["setDocumentTitle", document.domain + "/" + document.title]);
- _paq.push(["setCookieDomain", "*.www.fsf.org"]);
- _paq.push(["setDomains", ["*.www.fsf.org","*.www.fsf.org"]]);
- _paq.push(["trackPageView"]);
- _paq.push(["enableLinkTracking"]);
-
- (function() {
- var u=(("https:" == document.location.protocol) ? "https" : "http") + "://piwik.fsf.org/";
- _paq.push(["setTrackerUrl", u+"piwik.php"]);
- _paq.push(["setSiteId", "5"]);
- var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript";
- g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s);
- })();
- </script>
- <!-- End Piwik Code -->
-
- </body>
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
+</head>
+
+<body>
+
+<header class="row centered" id="header"><div>
+
+<p class="back">← 阅读 <a href="index.html">整个指南</a></p>
+
+<h3><a
+href="https://fsf.org/share?u=https://u.fsf.org/zc&t=How public-key
+encryption works. Infographic via %40fsf"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
+class="share-logo"
+alt="[GNU Social]" />
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
+class="share-logo"
+alt="[Pump.io]" />
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
+class="share-logo"
+alt="[Reddit]" />
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
+class="share-logo"
+alt="[Hacker News]" /> 分享我们的信息图 </a> 并带上标签 #EmailSelfDefense
+</h3>
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/full-infographic.png"
+alt="查看并分享信息图" /></p>
+
+<p class="back">← 阅读 <a href="index.html">整个指南</a></p>
+
+</div></header>
+
+
+<!-- End #header -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>The images on this page are under a <a
+href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
+Attribution 4.0 license (or later version)</a>, and the rest of it is under
+a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
+Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+available under the GNU Affero General Public License. <a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
+licenses?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
+
+</div>
+
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
+
+
+<!-- End #footer -->
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+
+<!-- Piwik -->
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
+document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
+try {
+ var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 13);
+ piwikTracker.trackPageView();
+ piwikTracker.enableLinkTracking();
+} catch( err ) {}
+// @license-end
+-->
+</script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
+
+<!-- End Piwik Tracking Code -->
+</body>
</html>
<!DOCTYPE html>
<html lang="zh-Hans">
<head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
-
- <title>电子邮件加密傻瓜指南</title>
- <meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
- <meta name="description" content="电子邮件监控侵犯了我们的基本权利,并危及了言论自由。本指南将在四十分钟里教会你如何通过 GnuPG 加密邮件。" />
-
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
-
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
</head>
+
<body>
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
- <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<header class="row" id="header"><div>
- <header class="row" id="header">
- <div>
- <h1>电子邮件加密傻瓜指南</h1>
+<h1>Email Self-Defense</h1>
- <!-- Language list for browsers that do not have JS enabled -->
- <ul id="languages" class="os">
+
+<!-- Language list for browsers that do not have JS enabled -->
+<ul id="languages" class="os">
<li><a href="/en">English - v4.0</a></li>
<li><a href="/ar">العربية <span class="tip">tip</span></a></li>
<li><a href="/cs">Čeština - v4.0</a></li>
<li><a href="/sv">svenska - v4.0</a></li>
<li><a href="/tr">Türkçe - v4.0</a></li>
<li><a class="current" href="/zh-hans">简体中文 <span class="tip">tip</span></a></li>
-<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span style="color: #2F5FAA;">帮助翻译</span></strong></a></li>
- </ul>
-
- <ul id="menu" class="os">
- <li class="spacer">
- <a href="index.html">GNU/Linux</a>
- </li>
- <li>
- <a href="mac.html" class="current">Mac OS</a>
- </li>
- <li>
- <a href="windows.html">Windows</a>
- </li>
- <li class="spacer"><a href="workshops.html">研讨会</a></li>
- <li class="spacer">
- <a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
- 分享
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
- class="share-logo" alt="[Reddit]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
- class="share-logo" alt="[Hacker News]" />
- </a>
- </li>
- </ul>
-
- <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
- <div id="fsf-intro">
- <h3>
- <a href="http://u.fsf.org/ys">
- <img alt="Free Software Foundation"
- src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
- </a>
- </h3>
- <div class="fsf-emphasis">
- <p>
- 我们为计算机用户的权利而战,并促进自由软件的开发,对抗大规模监控对我们至关重要。
- </p>
- <p>
- <strong>
- 请捐款以支持电子邮件加密指南。我们会一直改进它,使其充实,for the benefit of people around the world taking the first step towards protecting their privacy.
- </strong>
- </p>
- </div>
-
- <p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a> </p>
-
- </div><!-- End #fsf-intro -->
-
- <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
- <div class="intro">
- <p>
- <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>大规模监控侵犯了我们的基本权利,并危及了言论自由。本指南将会教授你一个基本的监控自我保护技巧:加密电子邮件。一旦你学会了,你将能够收发其他人无法阅读的电子邮件,包括那些拦截你邮件的监控代理或窃贼。你需要的是一台带网络连接的计算机,一个电子邮箱账号,和大约四十分钟时间。</p>
-
- <p>即使你没有什么见不得人的事情,通过加密可以保护通信对方的隐私,并使大规模监控变得困难。如果你确实有重要的东西需要隐藏,那么你并不孤独;告密者们在揭发人权侵犯、腐败以及其他犯罪问题时,也是使用同样的工具保护他们身份的。</p>
-
- <p>除了使用加密技术,我们还需要坚持不懈地与监控作政治斗争,以政府减少<a href="http://gnu.org/philosophy/surveillance-vs-democracy.html">对我们的大量数据收集</a>。但重中之重是保护好你自己,使得监控你的通讯尽可能的困难。本指南将帮助你做到。它是为初学者设计的,但如果你已经掌握了 GnuPG 的基本知识,或你是一位资深自由软件用户,你会喜欢进阶提示与<a href="workshops.html">加密探讨会指南</a>。</p>
-
- </div><!-- End .intro -->
-
- </div>
- </header><!-- End #header -->
-
- <!-- ~~~~~~~~~ Section 1: Get the pieces ~~~~~~~~~ -->
- <section class="row" id="section1">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#1</em> 获取部件</h2>
- <p class="notes">本指南需要安装<a href="https://www.gnu.org/philosophy/free-sw.html">自由许可的</a>软件;它是完全透明的,任何人都可以复制它,并生成自己的版本。这使得它比专有软件(比如 Mac OS)更难受到监控。为了你免受监控,我们推荐你换用像 GNU/Linux 这样的自由软件操作系统。你可以在 <a href="https://u.fsf.org/ys">fsf.org</a> 上了解更多有关自由软件的信息。</p>
- <p>在开始之前,你需要安装 IceDove 邮件程序。对于你的操作系统来说,IceDove 可能以其别名 Thunderbird 而为人所知。电子邮件程序是另一种访问邮箱账号的途径(你也可以像 Gmail 那样通过浏览器访问),但它提供了更多的功能。</p>
- <p>如果你已经安装好了电子邮件程序,你可以跳至 <a href="#step-1b">Step 1.b</a>。</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 1.a</em> 设置邮箱账号</h3>
- <p>打开你的邮件程序,按照向导程序的提示逐步设置好你的邮箱账号。</p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>向导程序没有启动</dt>
- <dd>你可以自行启动它,但不同邮件程序的菜单选项不尽相同。启动它的按钮在程序的主菜单里,“新建”或者类似的,标题类似于“添加账号”(Add account)或者“新建/已存在的邮箱账号”(New/Existing email account)。</dd>
- <dt>向导程序无法找到我的账号或是不下载我的邮件</dt>
- <dd>在你网上搜索前,我们建议你询问其他和你使用相同邮箱系统的人,以找出正确的设置。</dd>
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
- </div><!-- End .main -->
- </div><!-- End #step1-a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1b" class="step">
-
- <div class="main">
- <h3><em>Step 1.b</em> 下载 GPGTools</h3>
- <p>GPGTools 是一个包含了 GnuPG 的软件包。<a href="https://gpgtools.org/#gpgsuite">下载</a>并安装它,选择默认选项无论提示什么。安装完成后关闭窗口。</p>
-
- </div><!-- End .main -->
- </div><!-- End #step1-b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1c" class="step">
- <div class="sidebar">
- <ul class="images">
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png" alt="Step 1.C: Tools -> Add-ons" /></li>
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png" alt="Step 1.C: Search Add-ons" /></li>
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png" alt="Step 1.C: Install Add-ons" /></li>
- </ul>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 1.c</em> 安装 ENIGMAIL 插件</h3>
- <p>在邮件程序的菜单栏里,选择“附加组件”(Add-ons,它可能在工具选项里)。确认选上了左侧的“扩展”(Extensions)。看到了 Enigmail 吗?如果是,请跳过此步。</p>
- <p>如果没有,在右上方的搜索框里搜索“Enigmail”。你可以在这里获取到它。安装完成后重启邮件程序。</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>我找不到菜单</dt>
- <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-1c .step -->
- </div>
- </section><!-- End #section1 -->
-
- <!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
- <section class="row" id="section2">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#2</em> 生成密钥</h2>
- <p>要使用 GnuPG 体系,你将会用到一把公钥(public key)和一把私钥(private key),他们合称为密钥对(keypair)。每一把都是随机生成的一长串数字和字母的值,它是独一无二的。你的公钥和私钥由一种特殊的数学函数联系在一起。</p>
-
- <p>你的公钥不太像现实中的钥匙,它公开储存在被称之为密钥服务器(keyserver)的在线目录上。人们可以下载使用它,借助 GnuPG,人们向你发送加密邮件。你可以把密钥服务器想象成一本电话簿;想要给你发送加密邮件的人能够找到你的公钥。</p>
-
- <p>你的私钥更像是现实中的钥匙,你需要自行保管它(在你的计算机中)。你可以使用 GnuPG 和你的私钥来解密他人发给你的加密邮件。<span style="font-weight: bold;">无论如何,你都不应该改向他人分享你的私钥。</span></p>
- <p>除了加密和解密,你可以使用这些密钥对消息进行签名,并检查其他人签名的真实性。我们将在下一节里详细探讨它。</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-2a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step2a-01-make-keypair.png" alt="Step 2.A: Make a Keypair" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 2.a</em> 生成密钥对</h3>
- <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
- <ul>
- <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”。</li>
- <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
- <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
- <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间,并要求掷骰子,但它能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
- </ul>
-
- <p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨识的模式,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
-
- <p class="notes">在“生成密钥”(Key Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
- <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
-
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>我找不到 Enigmail 菜单</dt>
- <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
-
- <dt>我的邮件看起来很奇怪</dt>
- <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
-
- <dt>更多资源</dt>
- <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>。</dd>
-
-
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
-
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
-
-
- <dt>使用命令行生成密钥</dt>
- <dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少 2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
-
- <dt>Advanced key pairs</dt>
- <dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-2a .step -->
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-2b" class="step">
- <div class="main">
- <h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
- <p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
- <p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
- <p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>进度条一直没有结束</dt>
- <dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
- <dt>我的密钥没有显示在列表中</dt>
- <dd>尝试选中“默认显示全部密钥”。</dd>
- <dt>更多文档</dt>
- <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>。</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
-
- </dl>
- </div><!-- /.troubleshooting -->
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Uploading a key from the command line</dt>
- <dd>You can also upload your keys to a keyserver through the <a href="https://www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
-
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-2b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="terminology" class="step">
- <div class="main">
- <h3>什么是 GnuPG,OpenPGP?</h3>
- <p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP (Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或 GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
- </div><!-- End .main -->
- </div><!-- End #terminology.step-->
-
-
- </div>
- </section><!-- End #section2 -->
-
- <!-- ~~~~~~~~~ Section 3: Try it out ~~~~~~~~~ -->
- <section class="row" id="section3">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#3</em> 试一试</h2>
- <p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
-
- <!-- <p>NOTE: Edward is currently having some technical difficulties, so he may take a long time to respond, or not respond at all. We're sorry about this and we're working hard to fix it. Your key will still work even without testing with Edward.</p> -->
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png" alt="Try it out." /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 3.a</em> Send Edward your public key</h3>
- <p>This is a special step that you won't have to do when corresponding with real people. In your email program's menu, go to Enigmail → Key Management. You should see your key in the list that pops up. Right click on your key and select Send Public Keys by Email. This will create a new draft message, as if you had just hit the Write button.</p>
-
- <p>Address the message to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Put at least one word (whatever you want) in the subject and body of the email. Don't send yet.</p>
-
- <p>The lock icon in the top left should be yellow, meaning encryption is
- turned on. We want this first special message to be unencrypted, so
- click the icon once to turn it off. The lock should become grey, with a
- blue dot on it (to alert you that the setting has been changed from the
- default). Once encryption is off, hit Send.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide. Once he's responded, head to the next step. From here on, you'll be doing just the same thing as when corresponding with a real person.</p>
-
- <p>When you open Edward's reply, GnuPG may prompt you for your password before using your private key to decrypt it.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3b" class="step">
- <div class="main">
- <h3><em>Step 3.b</em> Send a test encrypted email</h3>
- <p>Write a new email in your email program, addressed to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Make the subject "Encryption test" or something similar and write something in the body.</p>
- <p>The lock icon in the top left of the window should be yellow, meaning encryption is on. This will be your default from now on.</p>
- <p class="notes">Next to the lock, you'll notice an icon of a pencil. We'll get to this in a moment.</p>
- <p>Click Send. Enigmail will pop up a window that says "Recipients not valid, not trusted or not found."</p>
-
- <p>To encrypt an email to Edward, you need his public key, so now you'll have Enigmail download it from a keyserver. Click Download Missing Keys and use the default in the pop-up that asks you to choose a keyserver. Once it finds keys, check the first one (Key ID starting with C), then select ok. Select ok in the next pop-up.</p>
-
- <p>Now you are back at the "Recipients not valid, not trusted or not found" screen. Check the box in front of Edward's key and click Send.</p>
-
- <p class="notes">Since you encrypted this email with Edward's public key, Edward's private key is required to decrypt it. Edward is the only one with his private key, so no one except him can decrypt it.</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>Enigmail can't find Edward's key</dt>
- <dd>Close the pop-ups that have appeared since you clicked Send. Make sure you are connected to the Internet and try again. If that doesn't work, repeat the process, choosing a different keyserver when it asks you to pick one.</dd>
- <dt>Unscrambled messages in the Sent folder</dt>
- <dd>Even though you can't decrypt messages encrypted to someone else's key, your email program will automatically save a copy encrypted to your public key, which you'll be able to view from the Sent folder like a normal email. This is normal, and it doesn't mean that your email was not sent encrypted.</dd>
- <dt>More resources</dt>
- <dd>If you're still having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">Enigmail's wiki</a>.</dd>
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Encrypt messages from the command line</dt>
- <dd>You can also encrypt and decrypt messages and files from the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference. The option --armor makes the encrypted output appear in the regular character set.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
-
- </div><!-- End .main -->
- </div><!-- End #step-3b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-headers_unencrypted" class="step">
- <div class="main">
- <h3><em>Important:</em> Security tips</h3>
- <p>Even if you encrypt your email, the subject line is not encrypted, so don't put private information there. The sending and receiving addresses aren't encrypted either, so a surveillance system can still figure out who you're communicating with. Also, surveillance agents will know that you're using GnuPG, even if they can't figure out what you're saying. When you send attachments, Enigmail will give you the choice to encrypt them or not, independent of the actual email.</p>
- </div><!-- End .main -->
- </div><!-- End #step-headers_unencrypted .step-->
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3c" class="step">
- <div class="main">
- <h3><em>Step 3.c</em> Receive a response</h3>
- <p>When Edward receives your email, he will use his private key to decrypt it, then use your public key (which you sent him in <a href="#step-3a">Step 3.A</a>) to encrypt his reply to you.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide.</p>
- <p>When you receive Edward's email and open it, Enigmail will automatically detect that it is encrypted with your public key, and then it will use your private key to decrypt it.</p>
- <p>Notice the bar that Enigmail shows you above the message, with information about the status of Edward's key.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3c .step -->
-
-
- <div id="step-3d" class="step">
- <div class="main">
- <h3><em>Step 3.d</em> Send a test signed email</h3>
- <p>GnuPG includes a way for you to sign messages and files, verifying that they came from you and that they weren't tampered with along the way. These signatures are stronger than their pen-and-paper cousins -- they're impossible to forge, because they're impossible to create without your private key (another reason to keep your private key safe).</p>
-
- <p>You can sign messages to anyone, so it's a great way to make people aware that you use GnuPG and that they can communicate with you securely. If they don't have GnuPG, they will be able to read your message and see your signature. If they do have GnuPG, they'll also be able to verify that your signature is authentic.</p>
-
- <p>To sign an email to Edward, compose any message to him and click the pencil icon next to the lock icon so that it turns gold. If you sign a message, GnuPG may ask you for your password before it sends the message, because it needs to unlock your private key for signing.</p>
-
- <p>With the lock and pencil icons, you can choose whether each message will be encrypted, signed, both, or neither.</p>
- </div>
- </div>
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3e" class="step">
- <div class="main">
- <h3><em>Step 3.e</em> Receive a response</h3>
- <p>When Edward receives your email, he will use your public key (which you sent him in <a href="#step-3a">Step 3.A</a>) to verify that your signature is authentic and the message you sent has not been tampered with.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide.</p>
-
- <p>Edward's reply will arrive encrypted, because he prefers to use encryption whenever possible. If everything goes according to plan, it should say "Your signature was verified." If your test signed email was also encrypted, he will mention that first.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3c .step -->
- </div>
- </section>
-
-
- <!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
- <section class="row" id="section4">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#4</em> Learn the Web of Trust</h2>
- <p>Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.</p>
-
- <p>When you sign someone's key, you are publicly saying that you've verified that it belongs to them and not someone else.</p>
-
- <p>Signing keys and signing messages use the same type of mathematical operation, but they carry very different implications. It's a good practice to generally sign your email, but if you casually sign people's keys, you may accidently end up vouching for the identity of an imposter.</p>
-
- <p>People who use your public key can see who has signed it. Once you've used GnuPG for a long time, your key may have hundreds of signatures. You can consider a key to be more trustworthy if it has many signatures from people that you trust. The Web of Trust is a constellation of GnuPG users, connected to each other by chains of trust expressed through signatures.</p>
-
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-4a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png" alt="Section 4: Web of Trust" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 4.a</em> Sign a key</h3>
- <p>In your email program's menu, go to Enigmail → Key Management.</p>
- <p>Right click on Edward's public key and select Sign Key from the context menu.</p>
- <p>In the window that pops up, select "I will not answer" and click ok.</p>
- <p>Now you should be back at the Key Management menu. Select Keyserver → Upload Public Keys and hit ok.</p>
- <p class="notes">You've just effectively said "I trust that Edward's public key actually belongs to Edward." This doesn't mean much because Edward isn't a real person, but it's good practice.</p>
-
-
- <!--<div id="pgp-pathfinder">
- <form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi" method="get">
- <p><strong>From:</strong> <input type="text" placeholder="xD41A008" name="FROM"></p>
- <p><strong>To:</strong> <input type="text" placeholder="50BD01x4" name="TO"></p>
- <p class="buttons"><input type="submit" value="trust paths" name="PATHS"> <input type="reset" value="reset" name=".reset"></p>
- </form>
- </div>End #pgp-pathfinder -->
-
- </div><!-- End .main -->
- </div><!-- End #step-4a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-identify_keys" class="step">
- <div class="main">
- <h3>Identifying keys: Fingerprints and IDs</h3>
- <p>People's public keys are usually identified by their key fingerprint, which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for Edward's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to Enigmail → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that people can double-check that they have the correct public key when they download yours from a keyserver.</p>
-
- <p class="notes">You may also see public keys referred to by their key ID, which is simply the last eight digits of the fingerprint, like C09A61E8 for Edward. The key ID is visible directly from the Key Management window. This key ID is like a person's first name (it is a useful shorthand but may not be unique to a given key), whereas the fingerprint actually identifies the key uniquely without the possibility of confusion. If you only have the key ID, you can still look up the key (as well as its fingerprint), like you did in Step 3, but if multiple options appear, you'll need the fingerprint of the person to whom you are trying to communicate to verify which one to use.</p>
-
- </div><!-- End .main -->
- </div><!-- End #step-sign_real_keys .step-->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="check-ids-before-signing" class="step">
- <div class="main">
- <h3><em>Important:</em> What to consider when signing keys</h3>
- <p>Before signing a person's key, you need to be confident that it actually belongs to them, and that they are who they say they are. Ideally, this confidence comes from having interactions and conversations with them over time, and witnessing interactions between them and others. Whenever signing a key, ask to see the full public key fingerprint, and not just the shorter key ID. If you feel it's important to sign the key of someone you've just met, also ask them to show you their government identification, and make sure the name on the ID matches the name on the public key. In Enigmail, answer honestly in the window that pops up and asks "How carefully have you verified that the key you are about to sign actually belongs to the person(s) named above?"
-</p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Master the Web of Trust</dt>
- <dd>Unfortunately, trust does not spread between users the way <a href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">many people think</a>. One of best ways to strengthen the GnuPG community is to deeply <a href="https://www.gnupg.org/gph/en/manual/x334.html">understand</a> the Web of Trust and to carefully sign as many people's keys as circumstances permit.</dd>
- <dt>Set ownertrust</dt>
- <dd>If you trust someone enough to validate other people's keys, you can assign them an ownertrust level through Enigmails's key management window. Right click on the other person's key, go to the "Select Owner Trust" menu option, select the trustlevel and click OK. Only do this once you feel you have a deep understanding of the Web of Trust.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
-
- </div><!-- End #step-sign_real_keys .step-->
-
-
- </div>
- </section><!-- End #section4 -->
-
- <!-- ~~~~~~~~~ Section 5: Use it well ~~~~~~~~~ -->
- <section id="section5" class="row">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#5</em> Use it well</h2>
- <p>Everyone uses GnuPG a little differently, but it's important to follow some basic practices to keep your email secure. Not following them, you risk the privacy of the people you communicate with, as well as your own, and damage the Web of Trust.</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png" alt="Section 5: Use it Well (1)" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>When should I encrypt? When should I sign?</h3>
-
- <p>The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start. That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.</p>
- <p>Unless you don't want to reveal your own identity (which requires other protective measures), there's no reason not to sign every message, whether or not you are encrypting. In addition to allowing those with GnuPG to verify that the message came from you, signing is a non-intrusive way to remind everyone that you use GnuPG and show support for secure communication. If you often send signed messages to people that aren't familiar with GnuPG, it's nice to also include a link to this guide in your standard email signature (the text kind, not the cryptographic kind).</p>
-
- </div><!-- End .main -->
- </div><!-- End #step-5a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5b" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png" alt="Section 5: Use it Well (2)" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>Be wary of invalid keys</h3>
- <p>GnuPG makes email safer, but it's still important to watch out for invalid keys, which might have fallen into the wrong hands. Email encrypted with invalid keys might be readable by surveillance programs.</p>
- <p>In your email program, go back to the first encrypted email that Edward sent you. Because Edward encrypted it with your public key, it will have a message from Enigmail at the top, which most likely says "Enigmail: Part of this message encrypted."</p>
- <p><b>When using GnuPG, make a habit of glancing at that bar. The program will warn you there if you get an email encrypted with a key that can't be trusted.</b></p>
- </div><!-- End .main -->
- </div><!-- End #step-5b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5c" class="step">
- <div class="main">
- <h3>Copy your revocation certificate to somewhere safe</h3>
- <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home, not on a device you carry with you regularly.</p>
- <p>If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.</p>
- </div><!-- End .main -->
- </div><!-- End #step-5c .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-lost_key" class="step">
- <div class="main">
- <h3><em>Important:</em> act swiftly if someone gets your private key</h3>
- <p>If you lose your private key or someone else gets ahold of it (say, by stealing or cracking your computer), it's important to revoke it immediately before someone else uses it to read your encrypted email or forge your signature. This guide doesn't cover how to revoke a key, but you can follow these <a href="https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/">instructions</a>. After you're done revoking, make a new key and send an email to everyone with whom you usually use your key to make sure they know, including a copy of your new key.</p>
- </div><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <!---<div id="transfer-key" class="step">
- <div class="main">
- <h3>Transferring you key</h3>
- <p>You can use Enigmail's <a href="https://www.enigmail.net/documentation/keyman.php">key management window</a> to import and export keys. If you want to be able to read your encrypted email on a different computer, you will need to export your secret key from here. Be warned, if you transfer the key without <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a> the drive it's on the transfer will be dramatically less secure.</p>
- </div>--><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
-
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="webmail-and-GnuPG" class="step">
- <div class="main">
- <h3>Webmail and GnuPG</h3>
- <p>When you use a web browser to access your email, you're using webmail, an email program stored on a distant website. Unlike webmail, your desktop email program runs on your own computer. Although webmail can't decrypt encrypted email, it will still display it in its encrypted form. If you primarily use webmail, you'll know to open your email client when you receive a scrambled email.</p>
- </div><!-- End .main -->
- </div><!-- End #webmail-and-GnuPG .step-->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
- <div id="step-5d" class="step">
- <div class="main">
- <h3>Make your public key part of your online identity</h3>
- <p> First add your public key fingerprint to your email signature, then compose an email to at least five of your friends, telling them you just set up GnuPG and mentioning your public key fingerprint. Link to this guide and ask them to join you. Don't forget that there's also an awesome <a href="infographic.html">infographic to share.</a></p>
-
- <p class="notes">Start writing your public key fingerprint anywhere someone would see your email address: your social media profiles, blog, Website, or business card. (At the Free Software Foundation, we put ours on our <a href="https://fsf.org/about/staff">staff page</a>.) We need to get our culture to the point that we feel like something is missing when we see an email address without a public key fingerprint.</p>
- </div>--><!-- End .main
-</div> End #step-5d .step-->
-
-
-</section><!-- End #section5 -->
-
-
-
-<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
+<li><a
+href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span
+style="color: #2F5FAA;">Translate!</span></strong></a></li>
+</ul>
+
+<ul id="menu" class="os">
+<li class="spacer"><a href="index.html">GNU/Linux</a></li>
+<li><a href="mac.html" class="current">Mac OS</a></li>
+<li><a href="windows.html">Windows</a></li>
+<li class="spacer"><a href="workshops.html">研讨会</a></li>
+<li class="spacer"><a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption
+for everyone via %40fsf"> Share
+<img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class="share-logo"
+alt="[GNU Social]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png" class="share-logo"
+alt="[Pump.io]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class="share-logo"
+alt="[Reddit]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class="share-logo"
+alt="[Hacker News]" /></a></li>
+</ul>
+
+
+<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
+<div id="fsf-intro">
+
+<h3><a href="http://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
+</a></h3>
+
+<div class="fsf-emphasis">
+
+<p>我们为计算机用户的权利而战,并促进自由软件的发展,对抗大规模监控对我们至关重要。</p>
+
+<p><strong>请捐款以支持电子邮件加密指南。我们会一直改进它,使其充实,迈出保护自己隐私的第一步是人人受益的。</strong></p>
+
+</div>
+
+<p><a
+href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img
+alt="捐款"
+src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a></p>
+
+</div>
+
+
+<!-- End #fsf-intro -->
+<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
+<div class="intro">
+
+<p><a id="infographic" href="infographic.html"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png"
+alt="查看并分享我们的信息图" /></a>
+大规模监控侵犯了我们的基本权利,并危及了言论自由。本指南将会教授你一个基本的监控自我保护技巧:加密电子邮件。一旦你学会了,你将能够收发其他人(包括那些拦截你邮件的监控代理或窃贼)无法阅读的电子邮件。你需要的是一台带网络连接的计算机,一个电子邮箱账号和大约四十分钟时间。</p>
+
+<p>即使你没有什么见不得人的事情,通过加密可以保护通信对方的隐私,并使大规模监控系统变得难以运作。如果你确实有重要的东西需要隐藏,那么你并不孤独;告密者们在揭发人权侵犯、腐败以及其他犯罪问题时,也是使用同样的工具保护他们身份的。</p>
+
+<p>除了使用加密技术,我们还需要坚持不懈地与监控作政治斗争,以减少政府<a
+href="http://gnu.org/philosophy/surveillance-vs-democracy.html">对我们的大量数据收集</a>。但重中之重是保护好你自己,使得监控你的通讯尽可能的困难。本指南将帮助你做到。它是为初学者设计的,但如果你已经掌握了
+GnuPG 的基本知识,或你是一位资深自由软件用户,你会喜欢进阶提示与<a href="workshops.html">加密探讨会指南</a>。</p>
+
+</div>
+<!-- End .intro -->
+</div></header>
+
+
+<!-- End #header -->
+<!-- ~~~~~~~~~ Section 1: Get the pieces ~~~~~~~~~ -->
+<section class="row" id="section1"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#1</em> 获取部件</h2>
+
+<p class="notes">This guide relies on software which is <a
+href="https://www.gnu.org/philosophy/free-sw.html">freely licensed</a>; it's
+completely transparent and anyone can copy it or make their own
+version. This makes it safer from surveillance than proprietary software
+(like Windows or Mac OS). To defend your freedom as well as protect yourself
+from surveillance, we recommend you switch to a free software operating
+system like GNU/Linux. Learn more about free software at <a
+href="https://u.fsf.org/ys">fsf.org</a>.</p>
+
+<p>在开始之前,你需要安装 IceDove 邮件程序。对于你的操作系统来说,IceDove 可能以其别名 Thunderbird
+存在于你的系统。电子邮件程序是另一种访问邮箱账号的途径(你也可以像 Gmail 那样通过浏览器访问),但它提供了更多的功能。</p>
+
+<p>如果你已经有了电子邮件程序,你可以跳至 <a href="#step-1b">Step 1.b</a>。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png"
+alt="Step 1.A: 安装向导" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 1.a</em> 配置电子邮件帐号</h3>
+
+<p>打开你的邮件程序,按照向导程序的提示逐步设置好你的邮箱账号。</p>
+
+<p>在配置你的账号时,留意服务器右侧的 SSL, TLS 或 STARTTLS
+字样。如果你没有看到他们,你仍将有能力使用加密,但这意味着运行邮件系统的人以低于行业标准的规范保护着你的安全与隐私。我们建议你,向他们发送一份友好的邮件,要求他们为邮件服务器启用
+SSL, TLS 或 STARTTLS。他们会知道你说的是什么,如果你不是系统安全的专家,这是一个值得的请求。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>向导程序没有启动</dt>
+<dd>你可以自行启动它,但不同邮件程序的菜单选项不尽相同。启动它的按钮在程序的主菜单里,“新建”或者类似的,标题类似于“添加账号”(Add
+account)或者“新建/已存在的邮箱账号”(New/Existing email account)。</dd>
+
+<dt>向导程序没有找到我的账号或者不在下载我的邮件</dt>
+<dd>在网上搜索解决方案之前,我们建议你问问你身边使用相同邮件系统的人,以检查设置是否正确。</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step1-a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1b" class="step">
+<div class="main">
+
+<h3><em>Step 1.b</em> 下载 GPGTools 来使用 GnuPG</h3>
+
+<p>GPGTools 是一个包含了 GnuPG 的软件包。<a
+href="https://gpgtools.org/#gpgsuite">下载</a>并安装它,无论提示什么都选择默认选项。安装完成后关闭窗口。</p>
+
+<p>在 GPGTools 2018.3 前的版本存在重大安全漏洞。请确保安装的是 GPGTools 2018.3 及其之后的版本。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step1-b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1c" class="step">
+<div class="sidebar">
+<ul class="images">
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png"
+alt="Step 1.C: 工具 -> 附加组件" /></li>
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png"
+alt="Step 1.C: 搜索附加组件" /></li>
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png"
+alt="Step 1.C: 安装附加组件" /></li>
+</ul>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 1.c</em> 给电子邮件程序安装 ENIGMAIL 插件</h3>
+
+<p>在邮件程序的菜单栏里,选择“附加组件”(Add-ons,它可能在工具选项里)。确认选上了左侧的“扩展”(Extensions)。看到了 Enigmail
+吗?如果是,请跳过此步。</p>
+
+<p>如果没有,在右上方的搜索框里搜索“Enigmail”。你可以在这里获取到它。安装完成后重启邮件客户端。</p>
+
+<p>在 Enigmail 2.0.7 前的版本存在重大安全漏洞。请确保安装的是 Enigmail 2.0.7 及其之后的版本。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>我找不到菜单。</dt>
+<dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
+
+<dt>我的电子邮件看起来很奇怪</dt>
+<dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的
+HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-1b .step -->
+</div></section>
+
+
+<!-- End #section1 -->
+<!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
+<section class="row" id="section2"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#2</em> 生成密钥</h2>
+
+<p>要使用 GnuPG 体系,你将会用到一把公钥(public key)和一把私钥(private
+key),他们合称为密钥对(keypair)。每一把都是随机生成的一长串数字和字母的值,它是独一无二的。你的公钥和私钥是由一种特殊的数学函数联系在一起。</p>
+
+<p>你的公钥不太像现实中的钥匙,它公开储存在被称之为密钥服务器(keyserver)的在线目录上。人们可以下载使用它,借助
+GnuPG,人们向你发送加密邮件。你可以把密钥服务器想象成一本电话簿;想要给你发送加密邮件的人能够找到你的公钥。</p>
+
+<p>你的私钥更像是现实中的钥匙,你需要自行保管它(在你的计算机中)。你可以使用 GnuPG 和你的私钥来解密他人发给你的加密邮件。<span
+style="font-weight: bold;">无论如何,你都不应该改向他人分享你的私钥。</span></p>
+
+<p>除了加密和解密,你可以使用这些密钥对消息进行签名,并检查其他人签名的真实性。我们将在下一节里详细探讨它。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-2a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step2a-01-make-keypair.png"
+alt="Step 2.A: 生成密钥对" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 2.a</em> 生成密钥对</h3>
+
+<p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup
+Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
+
+<ul>
+<li>在“加密”(Encryption)界面,选中“默认加密我的所有消息,因为隐私对我很重要”。</li>
+
+<li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
+
+<li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
+
+<li>On the screen titled "Create Key," pick a strong password! You can do it
+manually, or you can use the Diceware method. Doing it manually is faster
+but not as secure. Using Diceware takes longer and requires dice, but
+creates a password that is much harder for attackers figure out. To use it,
+read the section "Make a secure passphrase with Diceware" in <a
+href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">
+this article</a> by Micah Lee.</li>
+</ul>
+
+<p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨认的规律,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
+
+<p class="notes">在“生成密钥”(Key
+Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
+
+<p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中
+Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation
+Certificate [吊销证书]的目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a
+href="#section5">Section 5</a> 了解到更多信息。</span></p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>我找不到 Enigmail 菜单。</dt>
+<dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
+
+<dt>向导程序无法找到 GnuPG</dt>
+<dd>打开你常用来安装软件的程序,搜索 GnuPG,并安装它。通过 Enigmail → Setup Wizard 来重启 Enigmail 安装向导。</dd>
+
+<dt>我的电子邮件看起来很奇怪</dt>
+<dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的
+HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
+
+<dt>更多资源</dt>
+<dd>If you're having trouble with our instructions or just want to learn more,
+check out <a
+href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">
+Enigmail's wiki instructions for key generation</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行生成密钥</dt>
+<dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a
+href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy
+Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少
+2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
+
+<dt>Advanced key pairs</dt>
+<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption
+function from the signing function through <a
+href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys
+carefully, you can keep your GnuPG identity much more secure and recover
+from a compromised key much more quickly. <a
+href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex
+Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the
+Debian wiki</a> provide good guides for setting up a secure subkey
+configuration.</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-2a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-2b" class="step">
+<div class="main">
+
+<h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
+
+<p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
+
+<p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
+
+<p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>进度条一直没有结束</dt>
+<dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
+
+<dt>我的密钥没有显示在列表中</dt>
+<dd>尝试选中“默认显示全部密钥”。</dd>
+
+<dt>更多文档</dt>
+<dd>If you're having trouble with our instructions or just want to learn more,
+check out <a
+href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">
+Enigmail's documentation</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行上传公钥</dt>
+<dd>你也可以通过<a
+href="https://www.gnupg.org/gph/en/manual/x457.html">命令行</a>上传公钥到密钥服务器。<a
+href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a>
+维护着一个高度相互连接的密钥服务器列表。你也可以<a
+href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">直接导出公钥</a>文件到你的计算机中。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-2b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="terminology" class="step">
+<div class="main">
+
+<h3>什么是 GnuPG,OpenPGP?</h3>
+
+<p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP
+(Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或
+GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #terminology.step-->
+</div></section>
+
+
+<!-- End #section2 -->
+<!-- ~~~~~~~~~ Section 3: Try it out ~~~~~~~~~ -->
+<section class="row" id="section3"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#3</em> 试一试</h2>
+
+<p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
+
+
+<!-- <p>
+NOTE: Edward is currently having some technical difficulties, so he
+may take a long time to respond, or not respond at all. We're sorry about
+this and we're working hard to fix it. Your key will still work even without
+testing with Edward.</p> -->
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png"
+alt="来试试" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 3.a</em> 向爱德华发送你的公钥</h3>
+
+<p>这一步很特别,因为你和真人通信时不需要做。在你的邮件程序菜单中,找到 Enigmail → Key
+Management。你应当看到你的密钥在弹窗的列表中。在你的密钥处右键,选择“通过邮件发送公钥”。这会创建一封草稿消息,就好像你点击了“撰写”按钮。</p>
+
+<p>收信人地址填写 <a
+href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>。在邮件主题栏和正文里任意撰写内容。先别发送。</p>
+
+<p>左上方的锁形图标应当是黄色的,这意味着加密已经启用。我们需要这第一封特别的邮件是未经加密的,因此需要单击图标让它关闭。此时锁形图标会变成灰色,并带有小蓝点(以提醒你默认设置已发生改变)。加密关闭后,点击发送。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a
+href="#section5">善用加密</a>章节。爱德华回复后,继续下面的步骤。从这里开始,你所要做的与真人通信时相同。</p>
+
+<p>你打开爱德华回复的邮件,在使用私钥解密消息时,GnuPG 可能会弹窗要求输入密码。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3b" class="step">
+<div class="main">
+
+<h3><em>Step 3.b</em> 发送一封测试加密邮件</h3>
+
+<p>在你的邮件程序中写一封新的邮件,收信人地址填写 <a
+href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>。在主题中填写“加密测试”或类似的词语,并在正文中写一些内容。</p>
+
+<p>窗口左上放的锁形图标应当是黄色的,这意味着加密已启用。这会是你今后的默认设置。</p>
+
+<p class="notes">紧挨这锁形,你会注意带一个铅笔图标。我们马上就会用到它。</p>
+
+<p>点击发送。Enigmail 会弹出窗口提示“收件人不合法,不受信任或未找到。”</p>
+
+<p>要给爱德华发送加密邮件,你需要他的公钥,接下来你要 Enigmail
+从密钥服务器下载它。点击“下载缺失的密钥”,并使用默认的密钥服务器。一旦它找到公钥后,选择第一支密钥(以 C 开头的 Key
+ID),并确定。在下一个弹窗中选择确定。</p>
+
+<p>现在你返回“收件人不合法,不受信任或未找到”界面,查看爱德华公钥的窗口,点击发送。</p>
+
+<p class="notes">因为你使用了爱德华的公钥加密邮件,解密则就要求爱德华的私钥。只有爱德华自己有它的私钥,因此除了他,没人能解密消息。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>Enigmail 无法找到爱德华的公钥</dt>
+<dd>关闭点击发送时的弹窗,确保你已经连接上因特网并再试一次。如果仍然无效,重复此过程,选择其他密钥服务器。</dd>
+
+<dt>已发送文件夹中解密的消息</dt>
+<dd>即便你无法解密用其他人公钥加密过的消息,你的邮件程序会自动用你的公钥保存一份副本,这就使得你能够在已发送文件夹像查看普通邮件一样查看它。这是正常的,它并不代表你已发的邮件没有被加密。</dd>
+
+<dt>更多资源</dt>
+<dd>If you're still having trouble with our instructions or just want to learn
+more, check out <a
+href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">
+Enigmail's wiki</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行加密消息</dt>
+<dd>如果你喜欢,你也可以用<a
+href="https://www.gnupg.org/gph/en/manual/x110.html">命令行</a>加解密消息和文件。命令开关
+--armor 能够使加密输出显示为常规字符集。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-headers_unencrypted" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 安全提示</h3>
+
+<p>即便你加密了邮件,主题行是不受加密的,因此不要在那里填写私人信息。发送人和接收人的邮件地址也是不经过加密的,因此监控系统可以辨识出你在和谁通信。同时,监控代理将会知道你使用了
+GnuPG,即便不知道你说了什么。当你发送附件时,Enigmail 会让你选择加密与否,它是独立于真实邮件的。</p>
+
+<p>处于潜在的安全原因,你可以关闭 HTML 格式,而使用纯文本渲染消息主题。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-headers_unencrypted .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3c" class="step">
+<div class="main">
+
+<h3><em>Step 3.c</em> 接收回信</h3>
+
+<p>当爱德华收到你的邮件,他会使用他的私钥去解密消息,接下里使用你的公钥(你在 <a href="#step-3a">Step 3.A</a>
+发给他了)加密他给你的回复。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a href="#section5">善用加密</a>章节。</p>
+
+<p>当你接收爱德华的邮件并打开它时,Enigmail 会自动检测它是否使用你的公钥加密的,接下来使用你的私钥解密消息。</p>
+
+<p>消息上方的通知条显示爱德华公钥状态的信息。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3c .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3d" class="step">
+<div class="main">
+
+<h3><em>Step 3.d</em> 发送一封测试签名邮件</h3>
+
+<p>GnuPG
+提供了对消息或文件签名的方式,验证它们的确来自于你,并且一直未被篡改。这些签名比笔头签名更强有力——前者是无法被伪造的,因为没有你的私钥就无法签名(这是另一个保护私钥安全的原因)。</p>
+
+<p>你可以向任何人签名消息,因此让安全通信的对方意识到你在使用 GnuPG,是个不错的主意。如果他们没有
+GnuPG,他们仍将有能力阅读你的消息并查看你的签名。如果他们有,他们将有能力验证你签名的真实性。</p>
+
+<p>要想对爱德华的邮件签名,并撰写一些消息给他,点击紧邻锁形图标的铅笔图标,它会变成金黄色。你要是对消息签名,GnuPG
+可能会在你点击发送消息钱询问你密码,这是因为签名需要解锁私钥。</p>
+
+<p>锁形和铅笔图标能够让你对每封消息选择加密、签名、两者都要或者都不要。</p>
+
+</div>
+</div>
+
+
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3e" class="step">
+<div class="main">
+
+<h3><em>Step 3.e</em> 接收回信</h3>
+
+<p>当爱德华收到你的邮件,他将会使用你的公钥(你在 <a href="#step-3a">Step
+3.A</a>发给他了)去验证你签名的真实性,以及你发送的消息未经篡改。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a href="#section5">善用加密</a>章节。</p>
+
+<p>爱德华的回复回事加密的,因为只要有可能他就会使用加密。如果按计划进行,他会回复“你的签名是已被验证”。如果你的测试签名邮件也是加密的,他会优先提及。</p>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-3e .step -->
+</div></section>
+
+
+<!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
+<section class="row" id="section4"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#4</em> 了解信任网</h2>
+
+<p>邮件加密是一种强有力的技术,但它有弱点;它要求验证某人的公钥的的确确是属于他的。否则,无法阻止攻击者使用你朋友姓名和邮件地址,生成密钥,进行冒充。这就是为什么自由软件的程序员开发出密钥签名(keysigning)和信任网(the
+Web of Trust)。</p>
+
+<p>当你签署了某人的公钥,相当于你公开声称这把公钥经过你验证是属于他们的,而不是其他人。</p>
+
+<p>签署密钥和消息签名使用了同种类型的数学运算,但有着不同的含义。通常,对自己邮件进行签名是良好的实践,但随意签署别人的公钥,你可能最终会意外地为冒充者做了担保。</p>
+
+<p>拥有你的公钥的人可以看到谁签署了此公钥。长期使用 GnuPG
+后,你的密钥可能有数百支签名。你可以认为,公钥上你信任的人的签名越多,那么这只公钥越可信。信任网是 GnuPG
+用户的聚集地,他们用签名传递着信任链,连接彼此。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-4a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png"
+alt="Section 4: 信任网" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 4.a</em> 签署密钥</h3>
+
+<p>在邮件程序菜单中,选择 Enigmail → Key Management。</p>
+
+<p>爱德华公钥处右键,在上下文菜单中选中“签署密钥”。</p>
+
+<p>在弹窗中,选中“我不会回应”并点击确定。</p>
+
+<p>现在你返回 Key Management 菜单。选择 Keyserver → Upload Public Keys 并点击确定。</p>
+
+<p class="notes">你刚刚有力地表达了“我信任爱德华的公钥,它的确属于爱德华”。由于爱德华是一个机器人,这对它并不意味着什么,但这是一个好的实践。</p>
+
+
+<!--<div id="pgp-pathfinder">
+
+
+<form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi"
+method="get">
+
+<p><strong>From:</strong><input type="text" value="xD41A008"
+name="FROM"></p>
+
+<p><strong>To:</strong><input type="text" value="50BD01x4" name="TO"></p>
+
+<p class="buttons"><input type="submit" value="trust paths" name="PATHS"><input
+type="reset" value="reset" name=".reset"></p>
+
+</form>
+
+</div>End #pgp-pathfinder -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-4a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-identify_keys" class="step">
+<div class="main">
+
+<h3>验证密钥:指纹和 ID</h3>
+
+<p>人们的公钥通常是由他们密钥指纹确定的,它是像 F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8
+(爱德华的密钥)的数字串。通过在你邮件程序菜单 Enigmail → Key Management
+,在密钥上右键密钥属性,你能看到你的公钥以及计算机上其他公钥的指纹。在告诉他人你邮箱地址的同时,分享你的指纹是一个不错的实践,这样人们可以在从服务器下载你公钥的时候,再次检查下载的公钥是否正确。</p>
+
+<p class="notes">你可能已经看到有人使用短 key ID 表示公钥。Key Management 窗口中,你可以直接看到 key
+ID。这八位字符曾经用于表示身份,现已经不再安全可靠。你需要检查完整的指纹,以验证你确实拥有通信对方正确的密钥。不幸的是,有意生成两个指纹后八位一样的密钥,这种欺诈是很常见的。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-identify_keys .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="check-ids-before-signing" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 签署密钥时需要考虑什么</h3>
+
+<p>在签署密钥前,你需要确认密钥的确是属于他的,的的确确是声称是自己的那个人。这种确信来自逐步地沟通交流,以及目睹了他与其他人的交流过程。任何时候签署密钥都应该要求查看完整的公钥指纹,而不只是短
+key ID。如果你认为所要签署人的公钥相当重要,可以要求他出示身份证明,确保身份证上的姓名与公钥的姓名相符。在 Enigmail
+里,诚实地回答弹出窗口问题“你对签署的公钥确实属于那个名字的人,验证的严格程度?”</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>精通信任网</dt>
+<dd>不幸地是,信任并不是像<a
+href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">大多数人想象的</a>那样在用户之间传递。深入<a
+href="https://www.gnupg.org/gph/en/manual/x334.html">理解</a>信任网是如何运作的,并在条件允许的情况下,谨慎地对尽可能多的人的密钥进行签名,是增强
+GnuPG 社区的最佳方式。</dd>
+
+<dt>设置信任级</dt>
+<dd>如果你对某人的信任足够验证其他人的密钥,你可以在 Enigmail 的 Key management
+窗口中,为他们指派一个信任级(ownertrust)级别。在其他人密钥处右键,选中“选择信任级”(Select Owner
+Trust)菜单选项,选择信任级,并点击确定。在充分理解信任网的前提下,完成这一步。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+<!-- End #check-ids-before-signing .step-->
+</div></section>
+
+
+<!-- End #section4 -->
+<!-- ~~~~~~~~~ Section 5: Use it well ~~~~~~~~~ -->
+<section id="section5" class="row"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#5</em> 善用加密</h2>
+
+<p>每个人使用 GnuPG 方法不尽相同,遵循一些基本的实践是保护邮件安全的重要方式。一旦不遵守,你便是拿着通信双方的隐私做冒险,并且危及信任网。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png"
+alt="Section 5: 善用加密(1)" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>何时该加密?何时该签名?</h3>
+
+<p>加密消息是多多益善的。如果你只是偶然加密邮件,每封的加密消息就像是为监控系统竖红旗。如果全部邮件都是加密的,做监控的人不会知道哪封是开始——这不是说加密部分邮件毫无帮助——使大规模监控变得困难是重要的开头。</p>
+
+<p>除非你不想暴露身份(这还要求其他保护措施),没有理由不对每封信签名,无论是否加密。除了允许 GnuPG
+验证消息确实来自于你,签名是一种非侵入式的方式,提醒别人你在使用 GnuPG,并对支持安全的通信表示支持。如果你经常给不熟悉 GnuPG
+的人发送签名消息,在你的标准邮件签名(the text kind, not the cryptographic kind)中附上本指南的链接将会不错。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5b" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png"
+alt="Section 5: 善用加密(2)" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>警惕非法密钥</h3>
+
+<p>GnuPG 能够是的邮件更安全,但仍要小心非法密钥,它可能导致消息落入坏人之手。非法密钥加密的邮件可能可以被监控程序读取。</p>
+
+<p>在你的邮件程序里,回到爱德华发给你的第一封加密邮件。因为爱德华用你的公钥加密了它,Enigmail
+的上方会有一条消息,它可能是这样写的:“Enigmail:消息部分已加密”。</p>
+
+<p><b>使用 GnuPG 时,要养成看通知条的习惯。如果你收到的邮件是用不受信任的密钥签名的,程序会提醒你。</b></p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5c" class="step">
+<div class="main">
+
+<h3>备份吊销证书到安全的地方</h3>
+
+<p>还记得你是何时生成密钥和保存 GnuPG
+生成的吊销证书的吗?是时候将证书复制到安全的数字储存设备上——理想的地方是闪存盘,磁盘或者硬盘,他们存放在家中安全的地方——而不是你随身携带的设备。</p>
+
+<p>如果你的私钥丢失或被盗,你需要这张证书文件以让人们知晓,你不再使用这对密钥对了。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5c .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-lost_key" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 如果有人得到了你的私钥,要迅速行动</h3>
+
+<p>要是你丢失了私钥或是有人得到了它(这是说,你的计算机被偷或者被黑)。在其他人使用你私钥阅读你的加密邮件或是伪造签名前,立即吊销它显得格外重要。本指南不包含如何吊销密钥,但你可以遵循这些<a
+href="https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/">指示</a>。在你吊销完成后,生成新的密钥对,并给所有使用你的密钥的人发送邮件,并附上新密钥的拷贝,确保他们知道发生了什么。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+
+
+
+<!-- End #step-lost_key .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<!---<div id="transfer-key" class="step">
+
+<div class="main">
+
+<h3>Transferring you key</h3>
+
+<p>You can use Enigmail's <a
+href="https://www.enigmail.net/documentation/keyman.php">key management
+window</a> to import and export keys. If you want to be able to read
+your encrypted email on a different computer, you will need to export
+your secret key from here. Be warned, if you transfer the key without <a
+href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a>
+the drive it's on the transfer will be dramatically less secure.</p>
+
+</div>-->
+<!-- End .main
+</div>
+ End #transfer-key .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="webmail-and-GnuPG" class="step">
+<div class="main">
+
+<h3>网页邮箱和 GnuPG</h3>
+
+<p>当你使用网页浏览器获取你的邮件,那么你使用的是网页邮箱(webmail),它是一个直接存放在网站的电子邮件程序。和网页邮箱不同,你的桌面邮件程序是运行在你自己的计算机上。即使网页邮箱无法解密加密过的邮件,它仍然会以加密形式显示出来。如果你常用的是网页邮箱,当你收到一封混乱的电子邮件时,你应当知道去打开你的电子邮件客户端。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #webmail-and-GnuPG .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
+<div id="step-5d" class="step">
+
+<div class="main">
+
+<h3>Make your public key part of your online identity</h3>
+
+<p> First add your public key fingerprint to your email signature, then
+compose an email to at least five of your friends, telling them you just
+set up GnuPG and mentioning your public key fingerprint. Link to this guide
+and ask them to join you. Don't forget that there's also an awesome <a
+href="infographic.html">infographic to share.</a></p>
+
+<p class="notes">Start writing your public key fingerprint anywhere someone
+would see your email address: your social media profiles, blog, Website,
+or business card. (At the Free Software Foundation, we put ours on our
+<a href="https://fsf.org/about/staff">staff page</a>.) We need to get our
+culture to the point that we feel like something is missing when we see an
+email address without a public key fingerprint.</p>
+
+</div>-->
+<!-- End .main
+</div>
+ End #step-5d .step-->
+</div></section>
+
+
+<!-- End #section5 -->
+<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
<section class="row" id="section6">
- <div id="step-click_here" class="step">
- <div class="main">
- <h2><a href="next_steps.html">Great job! Check out the next steps.</a></h2>
+<div id="step-click_here" class="step">
+<div class="main">
+
+<h2><a href="next_steps.html">很不错!继续查看下一步。</a></h2>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-click_here .step-->
+</section>
+
+
- </div><!-- End .main -->
- </div><!-- End #step-click_here .step-->
-</section><!-- End #section6 -->
-<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
+<!-- End #section6 -->
+<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
<!-- When un-commenting this section go to main.css and search
for /* Guide Sections Background */ then add #faq to the desired color
-
<section class="row" id="faq">
<div>
<div class="sidebar">
+
<h2>FAQ</h2>
-</div>
+</div>
<div class="main">
+
<dl>
<dt>My key expired</dt>
<dd>Answer coming soon.</dd>
<dt>Who can read encrypted messages? Who can read signed ones?</dt>
<dd>Answer coming soon.</dd>
-<dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
+<dt>My email program is opening at times I don't want it to open/is now my
+default program and I don't want it to be.</dt>
<dd>Answer coming soon.</dd>
</dl>
+
</div>
</div>
-</section> --><!-- End #faq -->
-
-<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
-<footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
+</section> -->
+<!-- End #faq -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>The images on this page are under a <a
+href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
+Attribution 4.0 license (or later version)</a>, and the rest of it is under
+a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
+Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+available under the GNU Affero General Public License. <a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
+licenses?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
- <p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
- <p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
+</div>
- <p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
- <p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
-</footer><!-- End #footer -->
-<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
-<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+<!-- End #footer -->
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
<!-- Piwik -->
-<script type="text/javascript" >
-// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
try {
piwikTracker.enableLinkTracking();
} catch( err ) {}
// @license-end
-</script><noscript><p><img src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0" alt="" /></p></noscript>
-<!-- End Piwik Tracking Code -->
-
-
+-->
+</script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
+<!-- End Piwik Tracking Code -->
</body>
</html>
<!DOCTYPE html>
<html lang="zh-Hans">
- <head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
+</head>
- <title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
- <meta name="keywords" content="GnuPG, GPG, openpgp, surveillance, privacy, email, Enigmail" />
- <meta name="description" content="Email surveillance violates our fundamental rights and makes free speech risky. This guide will teach you email self-defense in 40 minutes with GnuPG." />
+<body>
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
- </head>
- <body>
+<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<header class="row" id="header"><div>
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
+<h1>很不错!</h1>
-<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+</div></header>
- <header class="row" id="header">
- <div>
- <h1>Great job!</h1>
- </div>
- </header><!-- End #header -->
+<!-- End #header -->
+<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
+<section class="row" id="section6"><div>
-<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
- <section class="row" id="section6">
- <div>
+<!-- ~~~~~~~~~ section title + graphics ~~~~~~~~~ -->
+<div class="section-intro">
+<h2><em>#6</em> 下一步</h2>
+<p>你已经掌握了使用 GnuPG 加密电子邮件的基本知识,采取行动反对大规模监控。以下的步骤会充分利用你已经掌握的知识。</p>
- <!-- ~~~~~~~~~ section title + graphics ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#6</em> Next steps</h2>
- <p>You've now completed the basics of email encryption with GnuPG, taking action against bulk surveillance. These next steps will help make the most of the work you've done.</p>
- </div><!-- End .section-intro -->
+</div>
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-political" class="step">
- <div class="sidebar">
- <p><a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>Join the movement</h3>
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-political" class="step">
+<div class="sidebar">
+
+<p><a id="infographic" href="infographic.html"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png"
+alt="查看并分享我们的信息图" /></a></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>加入运动</h3>
-<p>You've just taken a huge step towards protecting your privacy online. But each of us acting alone isn't enough. To topple bulk surveillance, we need to build a movement for the autonomy and freedom of all computer users. Join the Free Software Foundation's community to meet like-minded people and work together for change.</p>
+<p>你已经迈出了保护你自己在线隐私的一大步,但我们彼此单枪匹马战斗是远远不够的。我们需要发起一场所有计算机用户的自治和自由的运动。加入自由软件基金会的社区,会见志同道合的朋友,一起见证改变。</p>
+
+<p style="font-size:150%"><a href="https://status.fsf.org/fsf"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
+class="share-logo"
+alt="[GNU Social]" />
+ GNU Social</a> | <a href="http://microca.st/fsf"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
+class="share-logo"
+alt="[Pump.io]" />
+ Pump.io</a> | <a
+href="https://www.twitter.com/fsf">Twitter</a></p>
+
+<p><small>阅读<a href="https://www.fsf.org/twitter">为什么 GNU Social 和 Pump.io 要胜于
+Twitter</a>, 以及<a href="http://www.fsf.org/facebook">为什么我们不使用
+Facebook</a>。</small></p>
-<p style="font-size:150%">
- <a href="https://status.fsf.org/fsf">
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]" />
- GNU Social
- </a> |
- <a href="http://microca.st/fsf">
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]" />
- Pump.io
- </a> |
- <a href="https://www.twitter.com/fsf">Twitter</a>
-</p>
-<p><small>Read <a href="https://www.fsf.org/twitter">why GNU Social and Pump.io are better than Twitter</a>, and <a href="http://www.fsf.org/facebook">why we don't use Facebook</a>.</small></p>
<br />
<div class="newsletter">
-<p style="font-size:150%">Low-volume mailing list</p>
-
- <form method="post" action="https://my.fsf.org/civicrm/profile/create?reset=1&gid=391">
- <input type="text" placeholder="Type your email..." name="email-Primary" id="frmEmail" />
- <input type="submit" value="Add me" name="_qf_Edit_next" />
- <input type="hidden" value="https://emailselfdefense.fsf.org/en/confirmation.html" name="postURL" />
- <input type="hidden" value="1" name="group[25]" />
- <input type="hidden" value="https://my.fsf.org/civicrm/profile?reset=1&gid=391" name="cancelURL" />
- <input type="hidden" value="Edit:cancel" name="_qf_default" />
- </form>
-<p><small>Read our <a href="https://my.fsf.org/donate/privacypolicy.html">privacy policy</a>.</small></p>
- </div><!-- End .newsletter -->
- </div><!-- End .main -->
- </div><!-- End #step-political .step -->
+<p style="font-size:150%">低发送频率的邮件列表</p>
+
+<form method="post"
+action="https://my.fsf.org/civicrm/profile/create?reset=1&gid=391">
+<input type="text" value="Type your email..." name="email-Primary"
+id="frmEmail" /> <input type="submit" value="Add me" name="_qf_Edit_next" />
+<input type="hidden"
+value="https://emailselfdefense.fsf.org/en/confirmation.html" name="postURL"
+/> <input type="hidden" value="1" name="group[25]" /> <input type="hidden"
+value="https://my.fsf.org/civicrm/profile?reset=1&gid=391"
+name="cancelURL" /> <input type="hidden" value="Edit:cancel"
+name="_qf_default" />
+</form>
+
+<p><small>阅读我们的 <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>。</small></p>
+
+</div>
+<!-- End .newsletter -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-political .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="teach-friends" class="step">
+<div class="main">
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="teach-friends" class="step">
- <div class="main">
+<h3>将本指南带给新人</h3>
- <h3>Bring Email Self-Defense to new people</h3>
+<p>理解并设置电子邮件加密对多数人是一项令人生畏的任务。为了欢迎他们,你要让你的公钥容易被找到,并提供加密上的帮助。以下是一些建议:</p>
-<p>Understanding and setting up email encryption is a daunting task for many. To welcome them, make it easy to find your public key and offer to help with encryption. Here are some suggestions:</p>
<ul>
+<li>使用我们的<a href="workshops.html">教学指南</a>,为你的朋友和社区举办一场电子邮件加密研讨会。</li>
-<li>Lead an Email Self-Defense workshop for your friends and community, using our <a href="workshops.html">teaching guide</a>.</li>
-
-<li>Use <a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt with me using Email Self-Defense %40fsf">our sharing page</a> to compose a message to a few friends and ask them to join you in using encrypted email. Remember to include your GnuPG public key fingerprint so they can easily download your key.</li>
+<li>使用<a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt with
+me using Email Self-Defense
+%40fsf">我们的分享页面</a>,给几个朋友撰写消息,要求他们加入加密邮件的队伍。记得附上你的 GnuPG
+公钥指纹,这样他们可以容易地下载你的公钥。</li>
-<li>Add your public key fingerprint anywhere that you normally display your email address. Some good places are: your email signature (the text kind, not the cryptographic kind), social media profiles, blogs, Websites, or business cards. At the Free Software Foundation, we put ours on our <a href="https://fsf.org/about/staff">staff page</a>.</li>
+<li>在所有显示你邮箱地址的地方,附上公钥指纹。一些好地方有:你的电子邮件签名(the text kind, not the cryptographic
+kind),社交媒体简历,博客,网站,商业名片。在自由软件基金会,我们把把它放在了我们的<a
+href="https://fsf.org/about/staff">雇员页面</a>。</li>
</ul>
- </div><!-- End .main -->
- </div><!-- End #step-friends .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-more_technologies" class="step">
+</div>
+<!-- End .main -->
+</div>
+<!-- End #teach-friends .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-more_technologies" class="step">
<div class="main">
+<h3>保护你的数字生活</h3>
+
+<p>学习更多有关即时通讯、硬盘储存、在线分享的反监控技术,尽在 <a
+href="https://directory.fsf.org/wiki/Collection:Privacy_pack">自由软件基金会隐私包</a>
+和 <a href="https://prism-break.org">prism-break.org</a>。</p>
+
+<p>如果你正在使用 Windows, Mac OS 或 其他专有操作系统,我们建议你切换至自由邮件操作系统,诸如
+GNU/Linux。攻击者通过隐藏后门入侵你的计算机会愈加困难。查看自由软件基金会<a
+href="http://www.gnu.org/distros/free-distros.html">推荐的 GNU/Linux 发行版</a>。</p>
+</div>
+<!-- End .main -->
+</div>
- <h3>Protect more of your digital life</h3>
- <p>Learn surveillance-resistant technologies for instant messages, hard drive storage, online sharing, and more at <a href="https://directory.fsf.org/wiki/Collection:Privacy_pack"> the Free Software Directory's Privacy Pack</a> and <a href="https://prism-break.org">prism-break.org</a>.</p> <p>If you are using Windows, Mac OS or any other proprietary operating system, we recommend you switch to a free software operating system like GNU/Linux. This will make it much harder for attackers to enter your computer through hidden back doors. Check out the Free Software Foundation's <a href="http://www.gnu.org/distros/free-distros.html">endorsed versions of GNU/Linux.</a></p>
- </div><!-- End .main -->
- </div><!-- End #step-more_technologies .step -->
+<!-- End #step-more_technologies .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="privacy-tor" class="step">
+<div class="main">
+
+<h3>可选:使用 Tor 增加对电子邮件的保护</h3>
+<p>洋葱路由(Tor)网络以多重加密封装网络通讯,并在全球多次传递。如果使用得当,Tor 能够迷惑监控代理和全球监控设备。和 GnuPG
+加密同时使用能够带给你最佳的安全。</p>
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="privacy-tor" class="step">
- <div class="main">
- <h3>Optional: Add more email protection with Tor</h3>
- <p><a href="https://www.torproject.org/about/overview.html.en">The Onion Router (Tor) network</a> wraps Internet communication in multiple layers of encryption and bounces it around the world several times. When used properly, Tor confuses surveillance field agents and the global surveillance apparatus alike. Using it simultaneously with GnuPG's encryption will give you the best results.</p>
- <p>To have your email program send and receive email over Tor, install the <a href="https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/">Torbirdy plugin</a> the same way you installed Enigmail, by searching for it through Add-ons.</p>
+<p>要通过 Tor 在电子邮件程序收发邮件,需要安装 <a
+href="https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/">Torbirdy插件</a>,其步骤与安装
+Enigmail 相同,在附加组建搜索即可。</p>
- <p>Before beginning to check your email over Tor, make sure you understand <a href="https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide">the security tradeoffs involved</a>. This <a href="https://www.eff.org/pages/tor-and-https">infographic</a> from our friends at the Electronic Frontier Foundation demonstrates how Tor keeps you secure.</p>
- </div><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
+<p>Before beginning to check your email over Tor, make sure you understand <a
+href="https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide">
+the security tradeoffs involved</a>. This <a
+href="https://www.eff.org/pages/tor-and-https">infographic</a> from our
+friends at the Electronic Frontier Foundation demonstrates how Tor keeps you
+secure.</p>
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-better" class="step">
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #privacy-tor .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-better" class="step">
<div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section6-next-steps.png" alt="Section 6: Next Steps" /></p> <br /><p class="back" style="text-align:center">← <a href="index.html">Return to the guide</a></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>Make Email Self-Defense tools even better</h3>
-<p><a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">Leave feedback and suggest improvements to this guide</a>. We welcome translations, but we ask that you contact us at <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a> before you start, so that we can connect you with other translators working in your language.</p>
- <p>If you like programming, you can contribute code to <a href="https://www.gnupg.org/">GnuPG</a> or <a href="https://www.enigmail.net/home/index.php">Enigmail</a>.</p>
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section6-next-steps.png"
+alt="Section 6: 下一步" /></p><br />
-<p>To go the extra mile, support the Free Software Foundation so we can keep improving Email Self-Defense, and make more tools like it.</p><p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a> </p>
+<p class="back" style="text-align:center">← <a href="index.html">返回指南</a></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>Make Email Self-Defense tools even better</h3>
+
+<p><a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">留下够能提升本指南的反馈和建议</a>。我们欢迎译员,但我们要求你在开始前发邮件
+<a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>
+联系我们,这样我们可以和联系你和其他译员一起翻译成你的语言。</p>
+
+<p>如果你喜欢编程,你可以向 <a href="https://www.gnupg.org/">GnuPG</a> 或 <a
+href="https://www.enigmail.net/home/index.php">Enigmail</a> 贡献代码。</p>
+
+<p>要走的更远,支持自由软件基金会,我们可以持续地提升本指南,并制作其他类似工具。</p>
+
+<p><a
+href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img
+alt="捐款"
+src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a></p>
<br />
+</div>
+<!-- End .main -->
+</div>
+
+
+
+<!-- End #step-better .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
+<div id="step-learn_more" class="step">
+
+<div class="main">
+
+<h3>Learn more about GnuPG</h3>
+
+<p>There are a lot more features of GnuPG to discover, including
+encrypting files on your computer. There are a variety of resources
+accessible via Google, but we recommend starting with the links on the <a
+href="https://www.gnupg.org/documentation/">GnuPG Web site</a>.</p>
- </div><!-- End .main -->
- </div><!-- End #step-better .step -->
+</div>-->
+<!-- End .main -->
+<!--</div>
+-->
+<!-- End #step-learn_more .step -->
+</div></section>
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
- <div id="step-learn_more" class="step">
- <div class="main">
- <h3>Learn more about GnuPG</h3>
- <p>There are a lot more features of GnuPG to discover, including encrypting files on your computer. There are a variety of resources accessible via Google, but we recommend starting with the links on the <a href="https://www.gnupg.org/documentation/">GnuPG Web site</a>.</p>
- </div>--><!-- End .main -->
- <!--</div>--><!-- End #step-learn_more .step -->
- </div>
- </section><!-- End #section6 -->
-<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
+
+<!-- End #section6 -->
+<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
<!-- When un-commenting this section go to main.css and search
- for /* Guide Sections Background */ then add #faq to the desired color
-
- <section class="row" id="faq">
- <div>
- <div class="sidebar">
- <h2>FAQ</h2>
- </div>
-
- <div class="main">
- <dl>
- <dt>My key expired</dt>
- <dd>Answer coming soon.</dd>
-
- <dt>Who can read encrypted messages? Who can read signed ones?</dt>
- <dd>Answer coming soon.</dd>
-
- <dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
- <dd>Answer coming soon.</dd>
- </dl>
- </div>
- </div>
- </section> --><!-- End #faq -->
-
- <!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
- <footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
-
- <p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
- <p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
-
- <p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
-
- <p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
- </footer><!-- End #footer -->
- <script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
- <script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
-
- <!-- Piwik -->
- <script type="text/javascript">
- /*
- @licstart The following is the entire license notice for the
- JavaScript code in this page.
-
- Copyright 2014 Matthieu Aubry
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see http://www.gnu.org/licenses/.
-
- @licend The above is the entire license notice
- for the JavaScript code in this page.
- */
- var _paq = _paq || [];
- _paq.push(["setDocumentTitle", document.domain + "/" + document.title]);
- _paq.push(["setCookieDomain", "*.www.fsf.org"]);
- _paq.push(["setDomains", ["*.www.fsf.org","*.www.fsf.org"]]);
- _paq.push(["trackPageView"]);
- _paq.push(["enableLinkTracking"]);
-
- (function() {
- var u=(("https:" == document.location.protocol) ? "https" : "http") + "://piwik.fsf.org/";
- _paq.push(["setTrackerUrl", u+"piwik.php"]);
- _paq.push(["setSiteId", "5"]);
- var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript";
- g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s);
- })();
- </script>
- <!-- End Piwik Code -->
- </body>
+for /* Guide Sections Background */ then add #faq to the desired color
+<section class="row" id="faq">
+<div>
+<div class="sidebar">
+
+<h2>FAQ</h2>
+
+</div>
+<div class="main">
+
+<dl>
+<dt>My key expired</dt>
+<dd>Answer coming soon.</dd>
+
+<dt>Who can read encrypted messages? Who can read signed ones?</dt>
+<dd>Answer coming soon.</dd>
+
+<dt>My email program is opening at times I don't want it to open/is now my
+default program and I don't want it to be.</dt>
+<dd>Answer coming soon.</dd>
+</dl>
+
+</div>
+</div>
+</section> -->
+<!-- End #faq -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>The images on this page are under a <a
+href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
+Attribution 4.0 license (or later version)</a>, and the rest of it is under
+a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
+Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+available under the GNU Affero General Public License. <a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
+licenses?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
+
+</div>
+
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
+
+
+<!-- End #footer -->
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+
+<!-- Piwik -->
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
+document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
+try {
+ var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 13);
+ piwikTracker.trackPageView();
+ piwikTracker.enableLinkTracking();
+} catch( err ) {}
+// @license-end
+-->
+</script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
+
+<!-- End Piwik Tracking Code -->
+</body>
</html>
<!DOCTYPE html>
<html lang="zh-Hans">
<head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
-
- <title>电子邮件加密傻瓜指南</title>
- <meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
- <meta name="description" content="电子邮件监控侵犯了我们的基本权利,并危及了言论自由。本指南将在四十分钟里教会你如何通过 GnuPG 加密邮件。" />
-
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
-
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - a guide to fighting surveillance with GnuPG encryption</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
</head>
+
<body>
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
- <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<header class="row" id="header"><div>
- <header class="row" id="header">
- <div>
- <h1>电子邮件加密傻瓜指南</h1>
+<h1>Email Self-Defense</h1>
- <!-- Language list for browsers that do not have JS enabled -->
- <ul id="languages" class="os">
+
+<!-- Language list for browsers that do not have JS enabled -->
+<ul id="languages" class="os">
<li><a href="/en">English - v4.0</a></li>
<li><a href="/ar">العربية <span class="tip">tip</span></a></li>
<li><a href="/cs">Čeština - v4.0</a></li>
<li><a href="/sv">svenska - v4.0</a></li>
<li><a href="/tr">Türkçe - v4.0</a></li>
<li><a class="current" href="/zh-hans">简体中文 <span class="tip">tip</span></a></li>
-<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span style="color: #2F5FAA;">帮助翻译</span></strong></a></li>
- </ul>
-
- <ul id="menu" class="os">
- <li class="spacer">
- <a href="index.html">GNU/Linux</a>
- </li>
- <li>
- <a href="mac.html">Mac OS</a>
- </li>
- <li>
- <a href="windows.html" class="current">Windows</a>
- </li>
- <li class="spacer"><a href="workshops.html">研讨会</a></li>
- <li class="spacer">
- <a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
- 分享
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png"
- class="share-logo" alt="[GNU Social]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png"
- class="share-logo" alt="[Pump.io]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png"
- class="share-logo" alt="[Reddit]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png"
- class="share-logo" alt="[Hacker News]" />
- </a>
- </li>
- </ul>
-
- <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
- <div id="fsf-intro">
- <h3>
- <a href="http://u.fsf.org/ys">
- <img alt="Free Software Foundation"
- src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
- </a>
- </h3>
- <div class="fsf-emphasis">
- <p>
- 我们为计算机用户的权利而战,并促进自由软件的开发,对抗大规模监控对我们至关重要。
- </p>
- <p>
- <strong>
- 请捐款以支持电子邮件加密指南。我们会一直改进它,使其充实,for the benefit of people around the world taking the first step towards protecting their privacy.
- </strong>
- </p>
- </div>
-
- <p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a> </p>
-
- </div><!-- End #fsf-intro -->
-
- <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
- <div class="intro">
- <p>
- <a id="infographic" href="infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>大规模监控侵犯了我们的基本权利,并危及了言论自由。本指南将会教授你一个基本的监控自我保护技巧:加密电子邮件。一旦你学会了,你将能够收发其他人无法阅读的电子邮件,包括那些拦截你邮件的监控代理或窃贼。你需要的是一台带网络连接的计算机,一个电子邮箱账号,和大约四十分钟时间。</p>
-
- <p>即使你没有什么见不得人的事情,通过加密可以保护通信对方的隐私,并使大规模监控变得困难。如果你确实有重要的东西需要隐藏,那么你并不孤独;告密者们在揭发人权侵犯、腐败以及其他犯罪问题时,也是使用同样的工具保护他们身份的。</p>
-
- <p>除了使用加密技术,我们还需要坚持不懈地与监控作政治斗争,以政府减少<a href="http://gnu.org/philosophy/surveillance-vs-democracy.html">对我们的大量数据收集</a>。但重中之重是保护好你自己,使得监控你的通讯尽可能的困难。本指南将帮助你做到。它是为初学者设计的,但如果你已经掌握了 GnuPG 的基本知识,或你是一位资深自由软件用户,你会喜欢进阶提示与<a href="workshops.html">加密探讨会指南</a>。</p>
-
- </div><!-- End .intro -->
-
- </div>
- </header><!-- End #header -->
-
- <!-- ~~~~~~~~~ Section 1: Get the pieces ~~~~~~~~~ -->
- <section class="row" id="section1">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#1</em> Get the pieces</h2>
- <p class="notes">本指南需要安装<a href="https://www.gnu.org/philosophy/free-sw.html">自由许可的</a>软件;它是完全透明的,任何人都可以复制它,并生成自己的版本。这使得它比专有软件(比如 Windows)更难受到监控。为了你免受监控,我们推荐你换用像 GNU/Linux 这样的自由软件操作系统。你可以在 <a href="https://u.fsf.org/ys">fsf.org</a> 上了解更多关于自由软件的信息。</p>
- <p>在开始之前,你需要安装 IceDove 电子邮件客户端。对于你的操作系统来说,IceDove 可能以其别名 Thunderbird 而为人所知。电子邮件程序是另一种访问邮箱账号的途径(你也可以像 Gmail 那样通过浏览器访问),但它提供了更多的功能。</p>
- <p>如果你已经安装好了邮件程序,请跳至 <a href="#step-1b">Step 1.b</a>。</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png" alt="Step 1.A: Install Wizard" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 1.a</em> 设置邮箱账号</h3>
- <p>打开你的邮件程序,按照向导程序的提示逐步设置好你的邮箱账号。</p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>向导程序没有启动</dt>
- <dd>你可以自行启动它,但不同邮件程序的菜单选项不尽相同。启动它的按钮在程序的主菜单里,“新建”或者类似的,标题类似于“添加账号”(Add account)或者“新建/已存在的邮箱账号”(New/Existing email account)。</dd>
- <dt>向导程序无法找到我的账号或是不下载我的邮件</dt>
- <dd>在你网上搜索前,我们建议你询问其他和你使用相同邮箱系统的人,以找出正确的设置。</dd>
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
- </div><!-- End .main -->
- </div><!-- End #step1-a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1b" class="step">
-
- <div class="main">
- <h3><em>Step 1.b</em> 下载 GPG4Win</h3>
- <p>GPG4Win 是一个包含了 GnuPG 的软件包。<a href="https://www.gpg4win.org/">下载</a>并安装它,选择默认选项无论提示什么。安装完成后关闭窗口。</p>
-
- </div><!-- End .main -->
- </div><!-- End #step1-b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-1c" class="step">
- <div class="sidebar">
- <ul class="images">
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png" alt="Step 1.C: Tools -> Add-ons" /></li>
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png" alt="Step 1.C: Search Add-ons" /></li>
- <li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png" alt="Step 1.C: Install Add-ons" /></li>
- </ul>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 1.c</em> 安装 ENIGMAIL 插件</h3>
- <p>在邮件程序的菜单栏里,选择“附加组件”(Add-ons,它可能在工具选项里)。确认选上了左侧的“扩展”(Extensions)。看到了 Enigmail 吗?如果是,请跳过此步。</p>
- <p>如果没有,在右上方的搜索框里搜索“Enigmail”。你可以在这里获取到它。安装完成后重启邮件程序。</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>I can't find the menu.</dt>
- <dd>In many new email programs, the main menu is represented by an image of three stacked horizontal bars.</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-1c .step -->
- </div>
- </section><!-- End #section1 -->
-
- <!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
- <section class="row" id="section2">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#2</em> 生成密钥</h2>
- <p>要使用 GnuPG 体系,你将会用到一把公钥(public key)和一把私钥(private key),他们合称为密钥对(keypair)。每一把都是随机生成的一长串数字和字母的值,它是独一无二的。你的公钥和私钥由一种特殊的数学函数联系在一起。</p>
-
- <p>你的公钥不太像现实中的钥匙,它公开储存在被称之为密钥服务器(keyserver)的在线目录上。人们可以下载使用它,借助 GnuPG,人们向你发送加密邮件。你可以把密钥服务器想象成一本电话簿;想要给你发送加密邮件的人能够找到你的公钥。</p>
-
- <p>你的私钥更像是现实中的钥匙,你需要自行保管它(在你的计算机中)。你可以使用 GnuPG 和你的私钥来解密他人发给你的加密邮件。<span style="font-weight: bold;">无论如何,你都不应该改向他人分享你的私钥。</span></p>
- <p>除了加密和解密,你可以使用这些密钥对消息进行签名,并检查其他人签名的真实性。我们将在下一节里详细探讨它。</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-2a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step2a-01-make-keypair.png" alt="Step 2.A: Make a Keypair" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 2.a</em> 生成密钥对</h3>
- <p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
- <ul>
- <li>在“加密”(Encryption)界面,选中“默认加密所有我的消息,因为隐私对我很重要”。</li>
- <li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
- <li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
- <li>在“生成密钥”(Create Key)界面。取一个强壮的密码吧!你可以自行取密码,也可以使用 Diceware 模式。自己取密码虽然快捷,但不安全。使用 Diceware 需要更长时间,并要求掷骰子,但它能生成攻击者难以辨识出的密码。要使用它,请阅读 Micah Lee 写的<a href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">这篇文章</a>的 Make a secure passphrase with Diceware 一节。</li>
- </ul>
-
- <p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨识的模式,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
-
- <p class="notes">在“生成密钥”(Key Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
- <p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中 Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation Certificate [吊销证书]的文件夹在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a href="#section5">Section 5</a> 了解到更多信息。</span></p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>我找不到 Enigmail 菜单</dt>
- <dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
-
- <dt>更多资源</dt>
- <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">Enigmail's wiki instructions for key generation</a>。</dd>
-
- <dt>我的邮件看起来很奇怪</dt>
- <dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的 HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
-
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>使用命令行生成密钥</dt>
- <dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少 2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
-
- <dt>Advanced key pairs</dt>
- <dd>When GnuPG creates a new keypair, it compartmentalizes the encryption function from the signing function through <a href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys carefully, you can keep your GnuPG identity much more secure and recover from a compromised key much more quickly. <a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the Debian wiki</a> provide good guides for setting up a secure subkey configuration.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-2a .step -->
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-2b" class="step">
- <div class="main">
- <h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
- <p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
- <p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
- <p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>进度条一直没有结束</dt>
- <dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
- <dt>我的密钥没有显示在列表中</dt>
- <dd>尝试选中“默认显示全部密钥”。</dd>
- <dt>更多文档</dt>
- <dd>如果你对我们的指南有困难,或仅仅是想了解更多,请查看 <a href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">Enigmail's documentation</a>。</dd>
-
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
-
- </dl>
- </div><!-- /.troubleshooting -->
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Uploading a key from the command line</dt>
- <dd>You can also upload your keys to a keyserver through the <a href="https://www.gnupg.org/gph/en/manual/x457.html">command line</a>. <a href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a> maintains a list of highly interconnected keyservers. You can also <a href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key</a> as a file on your computer.</dd>
-
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
- </div><!-- End #step-2b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="terminology" class="step">
- <div class="main">
- <h3>什么是 GnuPG,OpenPGP?</h3>
- <p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP (Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或 GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
- </div><!-- End .main -->
- </div><!-- End #terminology.step-->
-
-
- </div>
- </section><!-- End #section2 -->
-
- <!-- ~~~~~~~~~ Section 3: Try it out ~~~~~~~~~ -->
- <section class="row" id="section3">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#3</em> 试一试</h2>
- <p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
-
- <!-- <p>NOTE: Edward is currently having some technical difficulties, so he may take a long time to respond, or not respond at all. We're sorry about this and we're working hard to fix it. Your key will still work even without testing with Edward.</p> -->
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png" alt="Try it out." /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 3.a</em> Send Edward your public key</h3>
- <p>This is a special step that you won't have to do when corresponding with real people. In your email program's menu, go to Enigmail → Key Management. You should see your key in the list that pops up. Right click on your key and select Send Public Keys by Email. This will create a new draft message, as if you had just hit the Write button.</p>
-
- <p>Address the message to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Put at least one word (whatever you want) in the subject and body of the email. Don't send yet.</p>
-
- <p>The lock icon in the top left should be yellow, meaning encryption is
- turned on. We want this first special message to be unencrypted, so
- click the icon once to turn it off. The lock should become grey, with a
- blue dot on it (to alert you that the setting has been changed from the
- default). Once encryption is off, hit Send.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide. Once he's responded, head to the next step. From here on, you'll be doing just the same thing as when corresponding with a real person.</p>
-
- <p>When you open Edward's reply, GnuPG may prompt you for your password before using your private key to decrypt it.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3b" class="step">
- <div class="main">
- <h3><em>Step 3.b</em> Send a test encrypted email</h3>
- <p>Write a new email in your email program, addressed to <a href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>. Make the subject "Encryption test" or something similar and write something in the body.</p>
- <p>The lock icon in the top left of the window should be yellow, meaning encryption is on. This will be your default from now on.</p>
- <p class="notes">Next to the lock, you'll notice an icon of a pencil. We'll get to this in a moment.</p>
- <p>Click Send. Enigmail will pop up a window that says "Recipients not valid, not trusted or not found."</p>
-
- <p>To encrypt an email to Edward, you need his public key, so now you'll have Enigmail download it from a keyserver. Click Download Missing Keys and use the default in the pop-up that asks you to choose a keyserver. Once it finds keys, check the first one (Key ID starting with C), then select ok. Select ok in the next pop-up.</p>
-
- <p>Now you are back at the "Recipients not valid, not trusted or not found" screen. Check the box in front of Edward's key and click Send.</p>
-
- <p class="notes">Since you encrypted this email with Edward's public key, Edward's private key is required to decrypt it. Edward is the only one with his private key, so no one except him can decrypt it.</p>
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>疑难解答</h4>
- <dl>
- <dt>Enigmail can't find Edward's key</dt>
- <dd>Close the pop-ups that have appeared since you clicked Send. Make sure you are connected to the Internet and try again. If that doesn't work, repeat the process, choosing a different keyserver when it asks you to pick one.</dd>
- <dt>Unscrambled messages in the Sent folder</dt>
- <dd>Even though you can't decrypt messages encrypted to someone else's key, your email program will automatically save a copy encrypted to your public key, which you'll be able to view from the Sent folder like a normal email. This is normal, and it doesn't mean that your email was not sent encrypted.</dd>
- <dt>More resources</dt>
- <dd>If you're still having trouble with our instructions or just want to learn more, check out <a href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">Enigmail's wiki</a>.</dd>
- <dt class="feedback">没有解决你的问题?</dt>
- <dd class="feedback">请在<a href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Encrypt messages from the command line</dt>
- <dd>You can also encrypt and decrypt messages and files from the <a href="https://www.gnupg.org/gph/en/manual/x110.html">command line</a>, if that's your preference. The option --armor makes the encrypted output appear in the regular character set.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
-
-
- </div><!-- End .main -->
- </div><!-- End #step-3b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-headers_unencrypted" class="step">
- <div class="main">
- <h3><em>Important:</em> Security tips</h3>
- <p>Even if you encrypt your email, the subject line is not encrypted, so don't put private information there. The sending and receiving addresses aren't encrypted either, so a surveillance system can still figure out who you're communicating with. Also, surveillance agents will know that you're using GnuPG, even if they can't figure out what you're saying. When you send attachments, Enigmail will give you the choice to encrypt them or not, independent of the actual email.</p>
- </div><!-- End .main -->
- </div><!-- End #step-headers_unencrypted .step-->
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3c" class="step">
- <div class="main">
- <h3><em>Step 3.c</em> Receive a response</h3>
- <p>When Edward receives your email, he will use his private key to decrypt it, then use your public key (which you sent him in <a href="#step-3a">Step 3.A</a>) to encrypt his reply to you.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide.</p>
- <p>When you receive Edward's email and open it, Enigmail will automatically detect that it is encrypted with your public key, and then it will use your private key to decrypt it.</p>
- <p>Notice the bar that Enigmail shows you above the message, with information about the status of Edward's key.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3c .step -->
-
-
- <div id="step-3d" class="step">
- <div class="main">
- <h3><em>Step 3.d</em> Send a test signed email</h3>
- <p>GnuPG includes a way for you to sign messages and files, verifying that they came from you and that they weren't tampered with along the way. These signatures are stronger than their pen-and-paper cousins -- they're impossible to forge, because they're impossible to create without your private key (another reason to keep your private key safe).</p>
-
- <p>You can sign messages to anyone, so it's a great way to make people aware that you use GnuPG and that they can communicate with you securely. If they don't have GnuPG, they will be able to read your message and see your signature. If they do have GnuPG, they'll also be able to verify that your signature is authentic.</p>
-
- <p>To sign an email to Edward, compose any message to him and click the pencil icon next to the lock icon so that it turns gold. If you sign a message, GnuPG may ask you for your password before it sends the message, because it needs to unlock your private key for signing.</p>
-
- <p>With the lock and pencil icons, you can choose whether each message will be encrypted, signed, both, or neither.</p>
- </div>
- </div>
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-3e" class="step">
- <div class="main">
- <h3><em>Step 3.e</em> Receive a response</h3>
- <p>When Edward receives your email, he will use your public key (which you sent him in <a href="#step-3a">Step 3.A</a>) to verify that your signature is authentic and the message you sent has not been tampered with.</p>
-
- <p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide.</p>
-
- <p>Edward's reply will arrive encrypted, because he prefers to use encryption whenever possible. If everything goes according to plan, it should say "Your signature was verified." If your test signed email was also encrypted, he will mention that first.</p>
- </div><!-- End .main -->
- </div><!-- End #step-3c .step -->
- </div>
- </section>
-
-
- <!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
- <section class="row" id="section4">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#4</em> Learn the Web of Trust</h2>
- <p>Email encryption is a powerful technology, but it has a weakness; it requires a way to verify that a person's public key is actually theirs. Otherwise, there would be no way to stop an attacker from making an email address with your friend's name, creating keys to go with it and impersonating your friend. That's why the free software programmers that developed email encryption created keysigning and the Web of Trust.</p>
-
- <p>When you sign someone's key, you are publicly saying that you've verified that it belongs to them and not someone else.</p>
-
- <p>Signing keys and signing messages use the same type of mathematical operation, but they carry very different implications. It's a good practice to generally sign your email, but if you casually sign people's keys, you may accidently end up vouching for the identity of an imposter.</p>
-
- <p>People who use your public key can see who has signed it. Once you've used GnuPG for a long time, your key may have hundreds of signatures. You can consider a key to be more trustworthy if it has many signatures from people that you trust. The Web of Trust is a constellation of GnuPG users, connected to each other by chains of trust expressed through signatures.</p>
-
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-4a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png" alt="Section 4: Web of Trust" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3><em>Step 4.a</em> Sign a key</h3>
- <p>In your email program's menu, go to Enigmail → Key Management.</p>
- <p>Right click on Edward's public key and select Sign Key from the context menu.</p>
- <p>In the window that pops up, select "I will not answer" and click ok.</p>
- <p>Now you should be back at the Key Management menu. Select Keyserver → Upload Public Keys and hit ok.</p>
- <p class="notes">You've just effectively said "I trust that Edward's public key actually belongs to Edward." This doesn't mean much because Edward isn't a real person, but it's good practice.</p>
-
-
- <!--<div id="pgp-pathfinder">
- <form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi" method="get">
- <p><strong>From:</strong> <input type="text" placeholder="xD41A008" name="FROM"></p>
- <p><strong>To:</strong> <input type="text" placeholder="50BD01x4" name="TO"></p>
- <p class="buttons"><input type="submit" value="trust paths" name="PATHS"> <input type="reset" value="reset" name=".reset"></p>
- </form>
- </div>End #pgp-pathfinder -->
-
- </div><!-- End .main -->
- </div><!-- End #step-4a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-identify_keys" class="step">
- <div class="main">
- <h3>Identifying keys: Fingerprints and IDs</h3>
- <p>People's public keys are usually identified by their key fingerprint, which is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for Edward's key). You can see the fingerprint for your public key, and other public keys saved on your computer, by going to Enigmail → Key Management in your email program's menu, then right clicking on the key and choosing Key Properties. It's good practice to share your fingerprint wherever you share your email address, so that people can double-check that they have the correct public key when they download yours from a keyserver.</p>
-
- <p class="notes">You may also see public keys referred to by their key ID, which is simply the last eight digits of the fingerprint, like C09A61E8 for Edward. The key ID is visible directly from the Key Management window. This key ID is like a person's first name (it is a useful shorthand but may not be unique to a given key), whereas the fingerprint actually identifies the key uniquely without the possibility of confusion. If you only have the key ID, you can still look up the key (as well as its fingerprint), like you did in Step 3, but if multiple options appear, you'll need the fingerprint of the person to whom you are trying to communicate to verify which one to use.</p>
-
- </div><!-- End .main -->
- </div><!-- End #step-sign_real_keys .step-->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="check-ids-before-signing" class="step">
- <div class="main">
- <h3><em>Important:</em> What to consider when signing keys</h3>
- <p>Before signing a person's key, you need to be confident that it actually belongs to them, and that they are who they say they are. Ideally, this confidence comes from having interactions and conversations with them over time, and witnessing interactions between them and others. Whenever signing a key, ask to see the full public key fingerprint, and not just the shorter key ID. If you feel it's important to sign the key of someone you've just met, also ask them to show you their government identification, and make sure the name on the ID matches the name on the public key. In Enigmail, answer honestly in the window that pops up and asks "How carefully have you verified that the key you are about to sign actually belongs to the person(s) named above?"
-</p>
-
- <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
- <div class="troubleshooting">
- <h4>进阶指南</h4>
- <dl>
- <dt>Master the Web of Trust</dt>
- <dd>Unfortunately, trust does not spread between users the way <a href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">many people think</a>. One of best ways to strengthen the GnuPG community is to deeply <a href="https://www.gnupg.org/gph/en/manual/x334.html">understand</a> the Web of Trust and to carefully sign as many people's keys as circumstances permit.</dd>
- <dt>Set ownertrust</dt>
- <dd>If you trust someone enough to validate other people's keys, you can assign them an ownertrust level through Enigmails's key management window. Right click on the other person's key, go to the "Select Owner Trust" menu option, select the trustlevel and click OK. Only do this once you feel you have a deep understanding of the Web of Trust.</dd>
- </dl>
- </div><!-- /.troubleshooting -->
- </div><!-- End .main -->
-
- </div><!-- End #step-sign_real_keys .step-->
-
-
- </div>
- </section><!-- End #section4 -->
-
- <!-- ~~~~~~~~~ Section 5: Use it well ~~~~~~~~~ -->
- <section id="section5" class="row">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <h2><em>#5</em> Use it well</h2>
- <p>Everyone uses GnuPG a little differently, but it's important to follow some basic practices to keep your email secure. Not following them, you risk the privacy of the people you communicate with, as well as your own, and damage the Web of Trust.</p>
- </div><!-- End .section-intro -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5a" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png" alt="Section 5: Use it Well (1)" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>When should I encrypt? When should I sign?</h3>
-
- <p>The more you can encrypt your messages, the better. If you only encrypt emails occasionally, each encrypted message could raise a red flag for surveillance systems. If all or most of your email is encrypted, people doing surveillance won't know where to start. That's not to say that only encrypting some of your email isn't helpful -- it's a great start and it makes bulk surveillance more difficult.</p>
- <p>Unless you don't want to reveal your own identity (which requires other protective measures), there's no reason not to sign every message, whether or not you are encrypting. In addition to allowing those with GnuPG to verify that the message came from you, signing is a non-intrusive way to remind everyone that you use GnuPG and show support for secure communication. If you often send signed messages to people that aren't familiar with GnuPG, it's nice to also include a link to this guide in your standard email signature (the text kind, not the cryptographic kind).</p>
-
- </div><!-- End .main -->
- </div><!-- End #step-5a .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5b" class="step">
- <div class="sidebar">
- <p><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png" alt="Section 5: Use it Well (2)" /></p>
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>Be wary of invalid keys</h3>
- <p>GnuPG makes email safer, but it's still important to watch out for invalid keys, which might have fallen into the wrong hands. Email encrypted with invalid keys might be readable by surveillance programs.</p>
- <p>In your email program, go back to the first encrypted email that Edward sent you. Because Edward encrypted it with your public key, it will have a message from Enigmail at the top, which most likely says "Enigmail: Part of this message encrypted."</p>
- <p><b>When using GnuPG, make a habit of glancing at that bar. The program will warn you there if you get an email encrypted with a key that can't be trusted.</b></p>
- </div><!-- End .main -->
- </div><!-- End #step-5b .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-5c" class="step">
- <div class="main">
- <h3>Copy your revocation certificate to somewhere safe</h3>
- <p>Remember when you created your keys and saved the revocation certificate that GnuPG made? It's time to copy that certificate onto the safest digital storage that you have -- the ideal thing is a flash drive, disk, or hard drive stored in a safe place in your home, not on a device you carry with you regularly.</p>
- <p>If your private key ever gets lost or stolen, you'll need this certificate file to let people know that you are no longer using that keypair.</p>
- </div><!-- End .main -->
- </div><!-- End #step-5c .step -->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="step-lost_key" class="step">
- <div class="main">
- <h3><em>Important:</em> act swiftly if someone gets your private key</h3>
- <p>If you lose your private key or someone else gets ahold of it (say, by stealing or cracking your computer), it's important to revoke it immediately before someone else uses it to read your encrypted email or forge your signature. This guide doesn't cover how to revoke a key, but you can follow these <a href="https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/">instructions</a>. After you're done revoking, make a new key and send an email to everyone with whom you usually use your key to make sure they know, including a copy of your new key.</p>
- </div><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <!---<div id="transfer-key" class="step">
- <div class="main">
- <h3>Transferring you key</h3>
- <p>You can use Enigmail's <a href="https://www.enigmail.net/documentation/keyman.php">key management window</a> to import and export keys. If you want to be able to read your encrypted email on a different computer, you will need to export your secret key from here. Be warned, if you transfer the key without <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a> the drive it's on the transfer will be dramatically less secure.</p>
- </div>--><!-- End .main -->
- </div><!-- End #step-lost_key .step-->
-
-
-
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
- <div id="webmail-and-GnuPG" class="step">
- <div class="main">
- <h3>Webmail and GnuPG</h3>
- <p>When you use a web browser to access your email, you're using webmail, an email program stored on a distant website. Unlike webmail, your desktop email program runs on your own computer. Although webmail can't decrypt encrypted email, it will still display it in its encrypted form. If you primarily use webmail, you'll know to open your email client when you receive a scrambled email.</p>
- </div><!-- End .main -->
- </div><!-- End #webmail-and-GnuPG .step-->
-
- <!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
- <div id="step-5d" class="step">
- <div class="main">
- <h3>Make your public key part of your online identity</h3>
- <p> First add your public key fingerprint to your email signature, then compose an email to at least five of your friends, telling them you just set up GnuPG and mentioning your public key fingerprint. Link to this guide and ask them to join you. Don't forget that there's also an awesome <a href="infographic.html">infographic to share.</a></p>
-
- <p class="notes">Start writing your public key fingerprint anywhere someone would see your email address: your social media profiles, blog, Website, or business card. (At the Free Software Foundation, we put ours on our <a href="https://fsf.org/about/staff">staff page</a>.) We need to get our culture to the point that we feel like something is missing when we see an email address without a public key fingerprint.</p>
- </div>--><!-- End .main
-</div> End #step-5d .step-->
-
-
-</section><!-- End #section5 -->
-
-
-
-<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
+<li><a
+href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span
+style="color: #2F5FAA;">Translate!</span></strong></a></li>
+</ul>
+
+<ul id="menu" class="os">
+<li class="spacer"><a href="index.html">GNU/Linux</a></li>
+<li><a href="mac.html">Mac OS</a></li>
+<li><a href="windows.html" class="current">Windows</a></li>
+<li class="spacer"><a href="workshops.html">研讨会</a></li>
+<li class="spacer"><a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption
+for everyone via %40fsf"> Share
+<img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class="share-logo"
+alt="[GNU Social]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png" class="share-logo"
+alt="[Pump.io]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class="share-logo"
+alt="[Reddit]" />
+<img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class="share-logo"
+alt="[Hacker News]" /></a></li>
+</ul>
+
+
+<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
+<div id="fsf-intro">
+
+<h3><a href="http://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
+</a></h3>
+
+<div class="fsf-emphasis">
+
+<p>我们为计算机用户的权利而战,并促进自由软件的发展,对抗大规模监控对我们至关重要。</p>
+
+<p><strong>请捐款以支持电子邮件加密指南。我们会一直改进它,使其充实,迈出保护自己隐私的第一步是人人受益的。</strong></p>
+
+</div>
+
+<p><a
+href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img
+alt="捐款"
+src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a></p>
+
+</div>
+
+
+<!-- End #fsf-intro -->
+<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
+<div class="intro">
+
+<p><a id="infographic" href="infographic.html"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png"
+alt="查看并分享我们的信息图" /></a>
+大规模监控侵犯了我们的基本权利,并危及了言论自由。本指南将会教授你一个基本的监控自我保护技巧:加密电子邮件。一旦你学会了,你将能够收发其他人(包括那些拦截你邮件的监控代理或窃贼)无法阅读的电子邮件。你需要的是一台带网络连接的计算机,一个电子邮箱账号和大约四十分钟时间。</p>
+
+<p>即使你没有什么见不得人的事情,通过加密可以保护通信对方的隐私,并使大规模监控系统变得难以运作。如果你确实有重要的东西需要隐藏,那么你并不孤独;告密者们在揭发人权侵犯、腐败以及其他犯罪问题时,也是使用同样的工具保护他们身份的。</p>
+
+<p>除了使用加密技术,我们还需要坚持不懈地与监控作政治斗争,以减少政府<a
+href="http://gnu.org/philosophy/surveillance-vs-democracy.html">对我们的大量数据收集</a>。但重中之重是保护好你自己,使得监控你的通讯尽可能的困难。本指南将帮助你做到。它是为初学者设计的,但如果你已经掌握了
+GnuPG 的基本知识,或你是一位资深自由软件用户,你会喜欢进阶提示与<a href="workshops.html">加密探讨会指南</a>。</p>
+
+</div>
+<!-- End .intro -->
+</div></header>
+
+
+<!-- End #header -->
+<!-- ~~~~~~~~~ Section 1: Get the pieces ~~~~~~~~~ -->
+<section class="row" id="section1"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#1</em> 获取部件</h2>
+
+<p class="notes">This guide relies on software which is <a
+href="https://www.gnu.org/philosophy/free-sw.html">freely licensed</a>; it's
+completely transparent and anyone can copy it or make their own
+version. This makes it safer from surveillance than proprietary software
+(like Windows or Mac OS). To defend your freedom as well as protect yourself
+from surveillance, we recommend you switch to a free software operating
+system like GNU/Linux. Learn more about free software at <a
+href="https://u.fsf.org/ys">fsf.org</a>.</p>
+
+<p>在开始之前,你需要安装 IceDove 邮件程序。对于你的操作系统来说,IceDove 可能以其别名 Thunderbird
+存在于你的系统。电子邮件程序是另一种访问邮箱账号的途径(你也可以像 Gmail 那样通过浏览器访问),但它提供了更多的功能。</p>
+
+<p>如果你已经有了电子邮件程序,你可以跳至 <a href="#step-1b">Step 1.b</a>。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1a-install-wizard.png"
+alt="Step 1.A: 安装向导" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 1.a</em> 配置电子邮件帐号</h3>
+
+<p>打开你的邮件程序,按照向导程序的提示逐步设置好你的邮箱账号。</p>
+
+<p>在配置你的账号时,留意服务器右侧的 SSL, TLS 或 STARTTLS
+字样。如果你没有看到他们,你仍将有能力使用加密,但这意味着运行邮件系统的人以低于行业标准的规范保护着你的安全与隐私。我们建议你,向他们发送一份友好的邮件,要求他们为邮件服务器启用
+SSL, TLS 或 STARTTLS。他们会知道你说的是什么,如果你不是系统安全的专家,这是一个值得的请求。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>向导程序没有启动</dt>
+<dd>你可以自行启动它,但不同邮件程序的菜单选项不尽相同。启动它的按钮在程序的主菜单里,“新建”或者类似的,标题类似于“添加账号”(Add
+account)或者“新建/已存在的邮箱账号”(New/Existing email account)。</dd>
+
+<dt>向导程序没有找到我的账号或者不在下载我的邮件</dt>
+<dd>在网上搜索解决方案之前,我们建议你问问你身边使用相同邮件系统的人,以检查设置是否正确。</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step1-a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1b" class="step">
+<div class="main">
+
+<h3><em>Step 1.b</em> 下载 GPG4Win 获取 GnuPG</h3>
+
+<p>GPG4Win 是一个包含 GnuPG 的软件包。<a
+href="https://www.gpg4win.org/">下载</a>并安装它,无论提示什么都选择默认选项。安装后,你可以关闭程序创建的窗口。</p>
+
+<p>在 GPG4Win 3.1.2 前的版本存在重大安全漏洞。请确保安装的是 GPG4Win 3.1.2 及其之后的版本。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step1-b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-1c" class="step">
+<div class="sidebar">
+<ul class="images">
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-01-tools-addons.png"
+alt="Step 1.C: 工具 -> 附加组件" /></li>
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-02-search.png"
+alt="Step 1.C: 搜索附加组件" /></li>
+<li><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step1b-03-install.png"
+alt="Step 1.C: 安装附加组件" /></li>
+</ul>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 1.c</em> 给电子邮件程序安装 ENIGMAIL 插件</h3>
+
+<p>在邮件程序的菜单栏里,选择“附加组件”(Add-ons,它可能在工具选项里)。确认选上了左侧的“扩展”(Extensions)。看到了 Enigmail
+吗?如果是,请跳过此步。</p>
+
+<p>如果没有,在右上方的搜索框里搜索“Enigmail”。你可以在这里获取到它。安装完成后重启邮件客户端。</p>
+
+<p>在 Enigmail 2.0.7 前的版本存在重大安全漏洞。请确保安装的是 Enigmail 2.0.7 及其之后的版本。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>我找不到菜单。</dt>
+<dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。</dd>
+
+<dt>我的电子邮件看起来很奇怪</dt>
+<dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的
+HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-1b .step -->
+</div></section>
+
+
+<!-- End #section1 -->
+<!-- ~~~~~~~~~ Section 2: Make your keys ~~~~~~~~~ -->
+<section class="row" id="section2"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#2</em> 生成密钥</h2>
+
+<p>要使用 GnuPG 体系,你将会用到一把公钥(public key)和一把私钥(private
+key),他们合称为密钥对(keypair)。每一把都是随机生成的一长串数字和字母的值,它是独一无二的。你的公钥和私钥是由一种特殊的数学函数联系在一起。</p>
+
+<p>你的公钥不太像现实中的钥匙,它公开储存在被称之为密钥服务器(keyserver)的在线目录上。人们可以下载使用它,借助
+GnuPG,人们向你发送加密邮件。你可以把密钥服务器想象成一本电话簿;想要给你发送加密邮件的人能够找到你的公钥。</p>
+
+<p>你的私钥更像是现实中的钥匙,你需要自行保管它(在你的计算机中)。你可以使用 GnuPG 和你的私钥来解密他人发给你的加密邮件。<span
+style="font-weight: bold;">无论如何,你都不应该改向他人分享你的私钥。</span></p>
+
+<p>除了加密和解密,你可以使用这些密钥对消息进行签名,并检查其他人签名的真实性。我们将在下一节里详细探讨它。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-2a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/step2a-01-make-keypair.png"
+alt="Step 2.A: 生成密钥对" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 2.a</em> 生成密钥对</h3>
+
+<p>Enigmail 安装向导可能会自动运行。如果没有,在你的邮件程序你选择 Enigmail → Setup
+Wizard。如果你不愿意,你不必去阅读弹出窗口中的文字,但读一读总归是好的。点击下一步而不对默认选项作修改,但除了下列情况以外:</p>
+
+<ul>
+<li>在“加密”(Encryption)界面,选中“默认加密我的所有消息,因为隐私对我很重要”。</li>
+
+<li>在“签名”(Signing)界面,选中“默认不对我的消息签名”。</li>
+
+<li>在“密钥选择”(Key Selection)界面,选择“我想为数字签名和加密邮件创建新密钥对”。</li>
+
+<li>On the screen titled "Create Key," pick a strong password! You can do it
+manually, or you can use the Diceware method. Doing it manually is faster
+but not as secure. Using Diceware takes longer and requires dice, but
+creates a password that is much harder for attackers figure out. To use it,
+read the section "Make a secure passphrase with Diceware" in <a
+href="https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/">
+this article</a> by Micah Lee.</li>
+</ul>
+
+<p>如果你喜欢自己取密码,想一个你记得起的至少十二字符长的东西,至少包含一个小写和大写字母,和一个数字或标点符号。永远不要使用你其他地方使用过的密码。不用使用任何可辨认的规律,诸如生日、电话号码、宠物名字、歌词或书中的引言。</p>
+
+<p class="notes">在“生成密钥”(Key
+Creation)界面,程序需要花费小会儿完成下一步。等待时,你可以在计算机上做一些其他事情,比如看电影或浏览网页。此时你计算机使用的越频繁,密钥生成的速度越快。</p>
+
+<p><span style="font-weight: bold;">当 "Key Generation Completed" (密钥已生成)窗口弹出,选中
+Generate Certificate (生成证书)并选择把它储存在计算机上安全的地方(我们推荐新建一个名为 Revocation
+Certificate [吊销证书]的目录在你的家目录下,并将它保存在那里)。这是本指南重要的一步,你将会在 <a
+href="#section5">Section 5</a> 了解到更多信息。</span></p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>我找不到 Enigmail 菜单。</dt>
+<dd>在许多新型电子邮件程序中,主菜单是用三横杠图标表示的。Enigmail 可能在“工具”选项里。</dd>
+
+<dt>向导程序无法找到 GnuPG</dt>
+<dd>打开你常用来安装软件的程序,搜索 GnuPG,并安装它。通过 Enigmail → Setup Wizard 来重启 Enigmail 安装向导。</dd>
+
+<dt>我的电子邮件看起来很奇怪</dt>
+<dd>Enigmail 往往不能在 HTML 格式(它是一种常见的邮件格式)里表现的很好,所以它会自动禁用 HTML 格式。要想发送不加密或不带签名的
+HTML 格式邮件,单击“新建消息”时按住 Shift 键,你就可以撰写邮件,仿佛 Enigmail 不存在一样。</dd>
+
+<dt>更多资源</dt>
+<dd>If you're having trouble with our instructions or just want to learn more,
+check out <a
+href="https://enigmail.wiki/Key_Management#Generating_your_own_key_pair">
+Enigmail's wiki instructions for key generation</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行生成密钥</dt>
+<dd>如果你偏爱使用命令行,以获得更高级别的控制,你可以参考文档 <a
+href="https://www.gnupg.org/gph/en/manual/c14.html#AEN25">The GNU Privacy
+Handbook</a>。确保你选择的是"RSA and RSA" (the default),因为它比文档中推荐的算法更新更安全。同时确保你的密钥至少
+2048 bits,如果你想更安全的话 4096 bits 也是可以的。</dd>
+
+<dt>Advanced key pairs</dt>
+<dd>When GnuPG creates a new keypair, it compartmentalizes the encryption
+function from the signing function through <a
+href="https://wiki.debian.org/Subkeys">subkeys</a>. If you use subkeys
+carefully, you can keep your GnuPG identity much more secure and recover
+from a compromised key much more quickly. <a
+href="https://alexcabal.com/creating-the-perfect-gpg-keypair/">Alex
+Cabal</a> and <a href="http://keyring.debian.org/creating-key.html">the
+Debian wiki</a> provide good guides for setting up a secure subkey
+configuration.</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-2a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-2b" class="step">
+<div class="main">
+
+<h3><em>Step 2.b</em> 上传公钥到密钥服务器</h3>
+
+<p>在你的电子邮件程序菜单里,选中 Enigmail → 密钥管理。</p>
+
+<p>在你的密钥那里右键,选择“上传公钥到密钥服务器”。使用弹窗中默认的密钥服务器。</p>
+
+<p class="notes">现在,想给你发送加密信息的人可以从因特网上下载到你的公钥了。上传时,菜单中有多个密钥服务器可供逆选择,但他们拥有彼此完成的副本,所以你选择哪一个无关紧要。然而,新的密钥上传后,服务器间可能要数小时才能完成同步。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>进度条一直没有结束</dt>
+<dd>关闭上传窗口,确保你已连接上网络,再试一次。如果还不行,则选择其他密钥服务器。</dd>
+
+<dt>我的密钥没有显示在列表中</dt>
+<dd>尝试选中“默认显示全部密钥”。</dd>
+
+<dt>更多文档</dt>
+<dd>If you're having trouble with our instructions or just want to learn more,
+check out <a
+href="https://www.enigmail.net/documentation/quickstart-ch2.php#id2533620">
+Enigmail's documentation</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行上传公钥</dt>
+<dd>你也可以通过<a
+href="https://www.gnupg.org/gph/en/manual/x457.html">命令行</a>上传公钥到密钥服务器。<a
+href="https://sks-keyservers.net/overview-of-pools.php">The sks Web site</a>
+维护着一个高度相互连接的密钥服务器列表。你也可以<a
+href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">直接导出公钥</a>文件到你的计算机中。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-2b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="terminology" class="step">
+<div class="main">
+
+<h3>什么是 GnuPG,OpenPGP?</h3>
+
+<p>通常,术语 GnuPG, GPG, GNU Privacy Guard, OpenPGP 和 PGP 可以交换其称呼。技术上说,OpenPGP
+(Pretty Good Privacy) 是一种加密标准, GNU Privacy Guard (常被缩写为 GPG 或
+GnuPG)是实现该标准的程序。Enigmail 是一个电子邮件程序的插件,它提供了 GnuPG 的界面。</p>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #terminology.step-->
+</div></section>
+
+
+<!-- End #section2 -->
+<!-- ~~~~~~~~~ Section 3: Try it out ~~~~~~~~~ -->
+<section class="row" id="section3"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#3</em> 试一试</h2>
+
+<p>现在你将要尝试与名为 Edward 的计算机程序进行通信,它掌握了如何加密。除非另有说明,你与真人通信时也遵循同样的步骤。</p>
+
+
+<!-- <p>
+NOTE: Edward is currently having some technical difficulties, so he
+may take a long time to respond, or not respond at all. We're sorry about
+this and we're working hard to fix it. Your key will still work even without
+testing with Edward.</p> -->
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section3-try-it-out.png"
+alt="来试试" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 3.a</em> 向爱德华发送你的公钥</h3>
+
+<p>这一步很特别,因为你和真人通信时不需要做。在你的邮件程序菜单中,找到 Enigmail → Key
+Management。你应当看到你的密钥在弹窗的列表中。在你的密钥处右键,选择“通过邮件发送公钥”。这会创建一封草稿消息,就好像你点击了“撰写”按钮。</p>
+
+<p>收信人地址填写 <a
+href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>。在邮件主题栏和正文里任意撰写内容。先别发送。</p>
+
+<p>左上方的锁形图标应当是黄色的,这意味着加密已经启用。我们需要这第一封特别的邮件是未经加密的,因此需要单击图标让它关闭。此时锁形图标会变成灰色,并带有小蓝点(以提醒你默认设置已发生改变)。加密关闭后,点击发送。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a
+href="#section5">善用加密</a>章节。爱德华回复后,继续下面的步骤。从这里开始,你所要做的与真人通信时相同。</p>
+
+<p>你打开爱德华回复的邮件,在使用私钥解密消息时,GnuPG 可能会弹窗要求输入密码。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3b" class="step">
+<div class="main">
+
+<h3><em>Step 3.b</em> 发送一封测试加密邮件</h3>
+
+<p>在你的邮件程序中写一封新的邮件,收信人地址填写 <a
+href="mailto:edward-en@fsf.org">edward-en@fsf.org</a>。在主题中填写“加密测试”或类似的词语,并在正文中写一些内容。</p>
+
+<p>窗口左上放的锁形图标应当是黄色的,这意味着加密已启用。这会是你今后的默认设置。</p>
+
+<p class="notes">紧挨这锁形,你会注意带一个铅笔图标。我们马上就会用到它。</p>
+
+<p>点击发送。Enigmail 会弹出窗口提示“收件人不合法,不受信任或未找到。”</p>
+
+<p>要给爱德华发送加密邮件,你需要他的公钥,接下来你要 Enigmail
+从密钥服务器下载它。点击“下载缺失的密钥”,并使用默认的密钥服务器。一旦它找到公钥后,选择第一支密钥(以 C 开头的 Key
+ID),并确定。在下一个弹窗中选择确定。</p>
+
+<p>现在你返回“收件人不合法,不受信任或未找到”界面,查看爱德华公钥的窗口,点击发送。</p>
+
+<p class="notes">因为你使用了爱德华的公钥加密邮件,解密则就要求爱德华的私钥。只有爱德华自己有它的私钥,因此除了他,没人能解密消息。</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>疑难解答</h4>
+
+<dl>
+<dt>Enigmail 无法找到爱德华的公钥</dt>
+<dd>关闭点击发送时的弹窗,确保你已经连接上因特网并再试一次。如果仍然无效,重复此过程,选择其他密钥服务器。</dd>
+
+<dt>已发送文件夹中解密的消息</dt>
+<dd>即便你无法解密用其他人公钥加密过的消息,你的邮件程序会自动用你的公钥保存一份副本,这就使得你能够在已发送文件夹像查看普通邮件一样查看它。这是正常的,它并不代表你已发的邮件没有被加密。</dd>
+
+<dt>更多资源</dt>
+<dd>If you're still having trouble with our instructions or just want to learn
+more, check out <a
+href="https://enigmail.wiki/Signature_and_Encryption#Encrypting_a_message">
+Enigmail's wiki</a>.</dd>
+
+<dt class="feedback">没有找到你的问题?</dt>
+<dd class="feedback">请在<a
+href="https://libreplanet.org/wiki/GPG_guide/Public_Review">反馈页</a>上告诉我们。</dd>
+</dl>
+
+</div>
+
+
+<!-- /.troubleshooting -->
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>使用命令行加密消息</dt>
+<dd>如果你喜欢,你也可以用<a
+href="https://www.gnupg.org/gph/en/manual/x110.html">命令行</a>加解密消息和文件。命令开关
+--armor 能够使加密输出显示为常规字符集。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-headers_unencrypted" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 安全提示</h3>
+
+<p>即便你加密了邮件,主题行是不受加密的,因此不要在那里填写私人信息。发送人和接收人的邮件地址也是不经过加密的,因此监控系统可以辨识出你在和谁通信。同时,监控代理将会知道你使用了
+GnuPG,即便不知道你说了什么。当你发送附件时,Enigmail 会让你选择加密与否,它是独立于真实邮件的。</p>
+
+<p>处于潜在的安全原因,你可以关闭 HTML 格式,而使用纯文本渲染消息主题。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-headers_unencrypted .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3c" class="step">
+<div class="main">
+
+<h3><em>Step 3.c</em> 接收回信</h3>
+
+<p>当爱德华收到你的邮件,他会使用他的私钥去解密消息,接下里使用你的公钥(你在 <a href="#step-3a">Step 3.A</a>
+发给他了)加密他给你的回复。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a href="#section5">善用加密</a>章节。</p>
+
+<p>当你接收爱德华的邮件并打开它时,Enigmail 会自动检测它是否使用你的公钥加密的,接下来使用你的私钥解密消息。</p>
+
+<p>消息上方的通知条显示爱德华公钥状态的信息。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-3c .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3d" class="step">
+<div class="main">
+
+<h3><em>Step 3.d</em> 发送一封测试签名邮件</h3>
+
+<p>GnuPG
+提供了对消息或文件签名的方式,验证它们的确来自于你,并且一直未被篡改。这些签名比笔头签名更强有力——前者是无法被伪造的,因为没有你的私钥就无法签名(这是另一个保护私钥安全的原因)。</p>
+
+<p>你可以向任何人签名消息,因此让安全通信的对方意识到你在使用 GnuPG,是个不错的主意。如果他们没有
+GnuPG,他们仍将有能力阅读你的消息并查看你的签名。如果他们有,他们将有能力验证你签名的真实性。</p>
+
+<p>要想对爱德华的邮件签名,并撰写一些消息给他,点击紧邻锁形图标的铅笔图标,它会变成金黄色。你要是对消息签名,GnuPG
+可能会在你点击发送消息钱询问你密码,这是因为签名需要解锁私钥。</p>
+
+<p>锁形和铅笔图标能够让你对每封消息选择加密、签名、两者都要或者都不要。</p>
+
+</div>
+</div>
+
+
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-3e" class="step">
+<div class="main">
+
+<h3><em>Step 3.e</em> 接收回信</h3>
+
+<p>当爱德华收到你的邮件,他将会使用你的公钥(你在 <a href="#step-3a">Step
+3.A</a>发给他了)去验证你签名的真实性,以及你发送的消息未经篡改。</p>
+
+<p class="notes">爱德华可能需要两三分钟回复邮件。在这期间,你可以跳过前面的部分并查阅本指南<a href="#section5">善用加密</a>章节。</p>
+
+<p>爱德华的回复回事加密的,因为只要有可能他就会使用加密。如果按计划进行,他会回复“你的签名是已被验证”。如果你的测试签名邮件也是加密的,他会优先提及。</p>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-3e .step -->
+</div></section>
+
+
+<!-- ~~~~~~~~~ Section 4: Learn the Web of Trust ~~~~~~~~~ -->
+<section class="row" id="section4"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#4</em> 了解信任网</h2>
+
+<p>邮件加密是一种强有力的技术,但它有弱点;它要求验证某人的公钥的的确确是属于他的。否则,无法阻止攻击者使用你朋友姓名和邮件地址,生成密钥,进行冒充。这就是为什么自由软件的程序员开发出密钥签名(keysigning)和信任网(the
+Web of Trust)。</p>
+
+<p>当你签署了某人的公钥,相当于你公开声称这把公钥经过你验证是属于他们的,而不是其他人。</p>
+
+<p>签署密钥和消息签名使用了同种类型的数学运算,但有着不同的含义。通常,对自己邮件进行签名是良好的实践,但随意签署别人的公钥,你可能最终会意外地为冒充者做了担保。</p>
+
+<p>拥有你的公钥的人可以看到谁签署了此公钥。长期使用 GnuPG
+后,你的密钥可能有数百支签名。你可以认为,公钥上你信任的人的签名越多,那么这只公钥越可信。信任网是 GnuPG
+用户的聚集地,他们用签名传递着信任链,连接彼此。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-4a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section4-web-of-trust.png"
+alt="Section 4: 信任网" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3><em>Step 4.a</em> 签署密钥</h3>
+
+<p>在邮件程序菜单中,选择 Enigmail → Key Management。</p>
+
+<p>爱德华公钥处右键,在上下文菜单中选中“签署密钥”。</p>
+
+<p>在弹窗中,选中“我不会回应”并点击确定。</p>
+
+<p>现在你返回 Key Management 菜单。选择 Keyserver → Upload Public Keys 并点击确定。</p>
+
+<p class="notes">你刚刚有力地表达了“我信任爱德华的公钥,它的确属于爱德华”。由于爱德华是一个机器人,这对它并不意味着什么,但这是一个好的实践。</p>
+
+
+<!--<div id="pgp-pathfinder">
+
+
+<form enctype="application/x-www-form-urlencoded" action="/mk_path.cgi"
+method="get">
+
+<p><strong>From:</strong><input type="text" value="xD41A008"
+name="FROM"></p>
+
+<p><strong>To:</strong><input type="text" value="50BD01x4" name="TO"></p>
+
+<p class="buttons"><input type="submit" value="trust paths" name="PATHS"><input
+type="reset" value="reset" name=".reset"></p>
+
+</form>
+
+</div>End #pgp-pathfinder -->
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-4a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-identify_keys" class="step">
+<div class="main">
+
+<h3>验证密钥:指纹和 ID</h3>
+
+<p>人们的公钥通常是由他们密钥指纹确定的,它是像 F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8
+(爱德华的密钥)的数字串。通过在你邮件程序菜单 Enigmail → Key Management
+,在密钥上右键密钥属性,你能看到你的公钥以及计算机上其他公钥的指纹。在告诉他人你邮箱地址的同时,分享你的指纹是一个不错的实践,这样人们可以在从服务器下载你公钥的时候,再次检查下载的公钥是否正确。</p>
+
+<p class="notes">你可能已经看到有人使用短 key ID 表示公钥。Key Management 窗口中,你可以直接看到 key
+ID。这八位字符曾经用于表示身份,现已经不再安全可靠。你需要检查完整的指纹,以验证你确实拥有通信对方正确的密钥。不幸的是,有意生成两个指纹后八位一样的密钥,这种欺诈是很常见的。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-identify_keys .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="check-ids-before-signing" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 签署密钥时需要考虑什么</h3>
+
+<p>在签署密钥前,你需要确认密钥的确是属于他的,的的确确是声称是自己的那个人。这种确信来自逐步地沟通交流,以及目睹了他与其他人的交流过程。任何时候签署密钥都应该要求查看完整的公钥指纹,而不只是短
+key ID。如果你认为所要签署人的公钥相当重要,可以要求他出示身份证明,确保身份证上的姓名与公钥的姓名相符。在 Enigmail
+里,诚实地回答弹出窗口问题“你对签署的公钥确实属于那个名字的人,验证的严格程度?”</p>
+
+
+<!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
+<div class="troubleshooting">
+
+<h4>进阶指南</h4>
+
+<dl>
+<dt>精通信任网</dt>
+<dd>不幸地是,信任并不是像<a
+href="http://fennetic.net/irc/finney.org/~hal/web_of_trust.html">大多数人想象的</a>那样在用户之间传递。深入<a
+href="https://www.gnupg.org/gph/en/manual/x334.html">理解</a>信任网是如何运作的,并在条件允许的情况下,谨慎地对尽可能多的人的密钥进行签名,是增强
+GnuPG 社区的最佳方式。</dd>
+
+<dt>设置信任级</dt>
+<dd>如果你对某人的信任足够验证其他人的密钥,你可以在 Enigmail 的 Key management
+窗口中,为他们指派一个信任级(ownertrust)级别。在其他人密钥处右键,选中“选择信任级”(Select Owner
+Trust)菜单选项,选择信任级,并点击确定。在充分理解信任网的前提下,完成这一步。</dd>
+</dl>
+
+</div>
+<!-- /.troubleshooting -->
+</div>
+<!-- End .main -->
+</div>
+<!-- End #check-ids-before-signing .step-->
+</div></section>
+
+
+<!-- End #section4 -->
+<!-- ~~~~~~~~~ Section 5: Use it well ~~~~~~~~~ -->
+<section id="section5" class="row"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<h2><em>#5</em> 善用加密</h2>
+
+<p>每个人使用 GnuPG 方法不尽相同,遵循一些基本的实践是保护邮件安全的重要方式。一旦不遵守,你便是拿着通信双方的隐私做冒险,并且危及信任网。</p>
+
+</div>
+
+
+<!-- End .section-intro -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5a" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-01-use-it-well.png"
+alt="Section 5: 善用加密(1)" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>何时该加密?何时该签名?</h3>
+
+<p>加密消息是多多益善的。如果你只是偶然加密邮件,每封的加密消息就像是为监控系统竖红旗。如果全部邮件都是加密的,做监控的人不会知道哪封是开始——这不是说加密部分邮件毫无帮助——使大规模监控变得困难是重要的开头。</p>
+
+<p>除非你不想暴露身份(这还要求其他保护措施),没有理由不对每封信签名,无论是否加密。除了允许 GnuPG
+验证消息确实来自于你,签名是一种非侵入式的方式,提醒别人你在使用 GnuPG,并对支持安全的通信表示支持。如果你经常给不熟悉 GnuPG
+的人发送签名消息,在你的标准邮件签名(the text kind, not the cryptographic kind)中附上本指南的链接将会不错。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5a .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5b" class="step">
+<div class="sidebar">
+
+<p><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/section5-02-use-it-well.png"
+alt="Section 5: 善用加密(2)" /></p>
+
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>警惕非法密钥</h3>
+
+<p>GnuPG 能够是的邮件更安全,但仍要小心非法密钥,它可能导致消息落入坏人之手。非法密钥加密的邮件可能可以被监控程序读取。</p>
+
+<p>在你的邮件程序里,回到爱德华发给你的第一封加密邮件。因为爱德华用你的公钥加密了它,Enigmail
+的上方会有一条消息,它可能是这样写的:“Enigmail:消息部分已加密”。</p>
+
+<p><b>使用 GnuPG 时,要养成看通知条的习惯。如果你收到的邮件是用不受信任的密钥签名的,程序会提醒你。</b></p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5b .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-5c" class="step">
+<div class="main">
+
+<h3>备份吊销证书到安全的地方</h3>
+
+<p>还记得你是何时生成密钥和保存 GnuPG
+生成的吊销证书的吗?是时候将证书复制到安全的数字储存设备上——理想的地方是闪存盘,磁盘或者硬盘,他们存放在家中安全的地方——而不是你随身携带的设备。</p>
+
+<p>如果你的私钥丢失或被盗,你需要这张证书文件以让人们知晓,你不再使用这对密钥对了。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #step-5c .step -->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="step-lost_key" class="step">
+<div class="main">
+
+<h3><em>重要:</em> 如果有人得到了你的私钥,要迅速行动</h3>
+
+<p>要是你丢失了私钥或是有人得到了它(这是说,你的计算机被偷或者被黑)。在其他人使用你私钥阅读你的加密邮件或是伪造签名前,立即吊销它显得格外重要。本指南不包含如何吊销密钥,但你可以遵循这些<a
+href="https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/">指示</a>。在你吊销完成后,生成新的密钥对,并给所有使用你的密钥的人发送邮件,并附上新密钥的拷贝,确保他们知道发生了什么。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+
+
+
+<!-- End #step-lost_key .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<!---<div id="transfer-key" class="step">
+
+<div class="main">
+
+<h3>Transferring you key</h3>
+
+<p>You can use Enigmail's <a
+href="https://www.enigmail.net/documentation/keyman.php">key management
+window</a> to import and export keys. If you want to be able to read
+your encrypted email on a different computer, you will need to export
+your secret key from here. Be warned, if you transfer the key without <a
+href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">encrypting</a>
+the drive it's on the transfer will be dramatically less secure.</p>
+
+</div>-->
+<!-- End .main
+</div>
+ End #transfer-key .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~ -->
+<div id="webmail-and-GnuPG" class="step">
+<div class="main">
+
+<h3>网页邮箱和 GnuPG</h3>
+
+<p>当你使用网页浏览器获取你的邮件,那么你使用的是网页邮箱(webmail),它是一个直接存放在网站的电子邮件程序。和网页邮箱不同,你的桌面邮件程序是运行在你自己的计算机上。即使网页邮箱无法解密加密过的邮件,它仍然会以加密形式显示出来。如果你常用的是网页邮箱,当你收到一封混乱的电子邮件时,你应当知道去打开你的电子邮件客户端。</p>
+
+</div>
+<!-- End .main -->
+</div>
+
+
+<!-- End #webmail-and-GnuPG .step-->
+<!-- ~~~~~~~~~ a div for each step ~~~~~~~~~
+<div id="step-5d" class="step">
+
+<div class="main">
+
+<h3>Make your public key part of your online identity</h3>
+
+<p> First add your public key fingerprint to your email signature, then
+compose an email to at least five of your friends, telling them you just
+set up GnuPG and mentioning your public key fingerprint. Link to this guide
+and ask them to join you. Don't forget that there's also an awesome <a
+href="infographic.html">infographic to share.</a></p>
+
+<p class="notes">Start writing your public key fingerprint anywhere someone
+would see your email address: your social media profiles, blog, Website,
+or business card. (At the Free Software Foundation, we put ours on our
+<a href="https://fsf.org/about/staff">staff page</a>.) We need to get our
+culture to the point that we feel like something is missing when we see an
+email address without a public key fingerprint.</p>
+
+</div>-->
+<!-- End .main
+</div>
+ End #step-5d .step-->
+</div></section>
+
+
+<!-- End #section5 -->
+<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
<section class="row" id="section6">
- <div id="step-click_here" class="step">
- <div class="main">
- <h2><a href="next_steps.html">Great job! Check out the next steps.</a></h2>
+<div id="step-click_here" class="step">
+<div class="main">
+
+<h2><a href="next_steps.html">很不错!继续查看下一步。</a></h2>
+
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-click_here .step-->
+</section>
+
+
- </div><!-- End .main -->
- </div><!-- End #step-click_here .step-->
-</section><!-- End #section6 -->
-<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
+<!-- End #section6 -->
+<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
<!-- When un-commenting this section go to main.css and search
for /* Guide Sections Background */ then add #faq to the desired color
-
<section class="row" id="faq">
<div>
<div class="sidebar">
+
<h2>FAQ</h2>
-</div>
+</div>
<div class="main">
+
<dl>
<dt>My key expired</dt>
<dd>Answer coming soon.</dd>
<dt>Who can read encrypted messages? Who can read signed ones?</dt>
<dd>Answer coming soon.</dd>
-<dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
+<dt>My email program is opening at times I don't want it to open/is now my
+default program and I don't want it to be.</dt>
<dd>Answer coming soon.</dd>
</dl>
+
</div>
</div>
-</section> --><!-- End #faq -->
-
-<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
-<footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
+</section> -->
+<!-- End #faq -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>The images on this page are under a <a
+href="https://creativecommons.org/licenses/by/4.0/">Creative Commons
+Attribution 4.0 license (or later version)</a>, and the rest of it is under
+a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons
+Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">
+source code of Edward reply bot</a> by Andrew Engelbrecht
+<sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>,
+available under the GNU Affero General Public License. <a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these
+licenses?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
- <p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
- <p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
+</div>
- <p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
- <p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
-</footer><!-- End #footer -->
-<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
-<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+<!-- End #footer -->
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
+<script type="text/javascript"
+src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
<!-- Piwik -->
-<script type="text/javascript" >
-// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+<script type="text/javascript" ><!--
+// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.fsf.org/" : "http://piwik.fsf.org/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
try {
piwikTracker.enableLinkTracking();
} catch( err ) {}
// @license-end
-</script><noscript><p><img src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0" alt="" /></p></noscript>
-<!-- End Piwik Tracking Code -->
-
-
+-->
+</script>
+<noscript><p><img
+src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0"
+alt="" /></p></noscript>
+<!-- End Piwik Tracking Code -->
</body>
</html>
<!DOCTYPE html>
<html lang="zh-Hans">
<head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
-
- <title>Email Self-Defense - Teach your friends!</title>
- <meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
- <meta name="description" content="电子邮件监控侵犯了我们的基本权利,并给言论自由带来风险。本指南将在40分钟里教会你如何使用GnuPG加密邮件。" />
-
- <meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
- <link rel="shortcut icon" href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
-
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>Email Self-Defense - Teach your friends!</title>
+<meta name="keywords" content="GnuPG, GPG, openpgp, 监控, 隐私, 电子邮件, Enigmail" />
+<meta name="description" content="电子邮件监控侵犯了我们的基本权利,并损害了言论自由。本指南将在 40 分钟里,教会你使用 GnuPG 进行电子邮件加密。" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link rel="stylesheet" href="//static.fsf.org/nosvn/enc-dev0/css/main.css" />
+<link rel="shortcut icon"
+href="//static.fsf.org/nosvn/enc-dev0/img/favicon.ico" />
</head>
+
<body>
-<h3 class="wip">Translation in Progress</h3>
-<p class="wip">The <a href="/esd-zh-hans.po">PO file</a> is where work is being done. Please help us if you can. Thanks!</p>
- <!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<!-- ~~~~~~~~~ GnuPG Header and introduction text ~~~~~~~~~ -->
+<header class="row" id="header"><div>
+
+<h1>Email Self-Defense</h1>
- <header class="row" id="header">
- <div>
- <h1>Email Self-Defense</h1>
- <!-- Language list for browsers that do not have JS enabled -->
-
<ul id="languages" class="os">
+<!-- Language list for browsers that do not have JS enabled -->
+<ul id="languages" class="os">
<li><a href="/en">English - v4.0</a></li>
<li><a href="/ar">العربية <span class="tip">tip</span></a></li>
<li><a href="/cs">Čeština - v4.0</a></li>
<li><a href="/sv">svenska - v4.0</a></li>
<li><a href="/tr">Türkçe - v4.0</a></li>
<li><a class="current" href="/zh-hans">简体中文 <span class="tip">tip</span></a></li>
-<li><a href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span style="color: #2F5FAA;">帮助翻译</span></strong></a></li>
- </ul>
-
- <ul id="menu" class="os">
- <li class="spacer">
- <a href="index.html">GNU/Linux</a>
- </li>
- <li>
- <a href="mac.html">Mac OS</a>
- </li>
- <li>
- <a href="windows.html">Windows</a>
- </li>
- <li class="spacer"><a href="workshops.html" class="current">让你的朋友也学会</a></li>
- <li class="spacer">
- <a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption for everyone via %40fsf">
- 分享
- <img src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class="share-logo" alt="[GNU Social]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png" class="share-logo" alt="[Pump.io]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class="share-logo" alt="[Reddit]" />
- <img src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class="share-logo" alt="[Hacker News]" />
- </a>
- </li>
- </ul>
- <!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
- <div id="fsf-intro">
- <h3>
- <a href="http://u.fsf.org/ys">
- <img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
- </a>
- </h3>
- <div class="fsf-emphasis">
- <p>
- We want to translate this guide
- into more languages, and make a version for encryption on mobile
- devices. Please donate, and help people around the world take the first
- step towards protecting their privacy with free software.
- </p>
- </div>
-
- <p><a href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img alt="Donate" src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a> </p>
-
- </div><!-- End #fsf-intro -->
-
- <!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
- <div class="intro">
- <p>
- <a id="infographic" href="https://emailselfdefense.fsf.org/en/infographic.html"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png" alt="View & share our infographic →" /></a>
- Understanding and setting up email encryption sounds like a daunting task to many people. That's why helping your friends with GnuPG plays such an important role in helping spread encryption. Even if only one person shows up, that's still one more person using encryption who wasn't before. You have the power to help your friends keep their digital love letters private, and teach them about the importance of free software. If you use GnuPG to send and receive encrypted email, you're a perfect candidate for leading a workshop!</p>
-
- </div><!-- End .intro -->
-
- </div>
- </header><!-- End #header -->
-
- <!-- ~~~~~~~~~ Section 1: Get your friends or community interested ~~~~~~~~~ -->
- <section style="padding-top: 0px;" class="row" id="section1">
- <div style="padding-top: 0px;">
-
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro">
- <p style="margin-top: 0px;" class="image"><img src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/workshop-section1.png" alt="A small workshop among friends" /></p>
- <h2><em>#1</em> Get your friends or community interested </h2>
- <p>If you hear friends grumbling about their lack of privacy, ask them if they're interested in attending a workshop on Email Self-Defense. If your friends don't grumble about privacy, they may need some convincing. You might even hear the classic "if you've got nothing to hide, you've got nothing to fear" argument against using encryption.</p>
- <p>Here are some talking points you can use to help explain why it's worth it to learn GnuPG. Mix and match whichever you think will make sense to your community:</p>
-
- </div><!-- End .section-intro -->
-
- <div id="step-aa" class="step">
-
-
- <div class="sidebar">
+<li><a
+href="https://libreplanet.org/wiki/GPG_guide/Translation_Guide"><strong><span
+style="color: #2F5FAA;">Translate!</span></strong></a></li>
+</ul>
+
+<ul id="menu" class="os">
+<li class="spacer"><a href="index.html">GNU/Linux</a></li>
+<li><a href="mac.html">Mac OS</a></li>
+<li><a href="windows.html">Windows</a></li>
+<li><a href="workshops.html" class="current">研讨会</a></li>
+<li><a href="https://fsf.org/share?u=https://u.fsf.org/zb&t=Email encryption
+for everyone via %40fsf">分享
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/gnu-social.png" class="share-logo"
+alt="[GNU Social]" />
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/pump.io.png" class="share-logo"
+alt="[Pump.io]" />
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/reddit-alien.png" class="share-logo"
+alt="[Reddit]" />
+<img
+src="//static.fsf.org/nosvn/enc-dev0/img/hacker-news.png" class="share-logo"
+alt="[Hacker News]" />
+</a></li>
+</ul>
+
+
+<!-- ~~~~~~~~~ FSF Introduction ~~~~~~~~~ -->
+<div id="fsf-intro">
+
+<h3><a href="http://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" />
+</a></h3>
+
+<div class="fsf-emphasis">
+
+<p>我们想让本指南翻译成多国语言,并制作移动设备版本的加密版本。请捐款,帮助全世界的人们用自由软件保护他们隐私的第一步。</p>
+
+</div>
+
+<p><a
+href="https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate"><img
+alt="捐款"
+src="//static.fsf.org/nosvn/enc-dev0/img/en/donate.png" /></a></p>
+
+</div>
+
+
+<!-- End #fsf-intro -->
+<!-- ~~~~~~~~~ Guide Introduction ~~~~~~~~~ -->
+<div class="intro">
+
+<p><a id="infographic"
+href="https://emailselfdefense.fsf.org/zh-hans/infographic.html"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/infographic-button.png"
+alt="查看并分享我们的信息图 →" /></a>理解并设置电子邮件加密对多数人是一项令人畏惧的任务。这就是为什么在帮助朋友使用 GnuPG
+加密时,你的存在至关重要。即便只有一个人到场,那么也至少有一个人开始使用加密了。你有能力帮助你的好友保护他们电子情书的隐私,告诉他们自由软件的重要性。如果你使用
+GnuPG 收发加密邮件,那么你是举办研讨会的最佳人选。</p>
+
+</div>
+<!-- End .intro -->
+</div></header>
+
+
+<!-- End #header -->
+<!-- ~~~~~~~~~ Section 1: Get your friends or community interested ~~~~~~~~~
+-->
+<section style="padding-top: 0px;" class="row" id="section1">
+<div style="padding-top: 0px;">
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro">
+
+<p style="margin-top: 0px;" class="image"><img
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/workshop-section1.png"
+alt="小研讨会" /></p>
+
+<h2><em>#1</em> 让你的朋友和社区感兴趣 </h2>
+
+<p>如果你听过朋友抱怨他们缺乏隐私,询问他们是否愿意出席 Email Self-Defense
+研讨会。如果你的朋友并未抱怨过,你可能需要说服他们。你甚至可能会听到经典的“光明磊落的人无可畏惧”的论据来反对使用加密。</p>
+
+<p>下面是你可以用来解释的为什么值得学习 GnuPG 要点。并结合自己的观点,为什么它对你的社区有意义:</p>
+
+</div>
+<!-- End .section-intro -->
+<div id="step-aa" class="step">
+<div class="sidebar">
+
<!-- Workshops image commented out from here, to be used above instead.
- <p><img id="workshops-image" src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/workshop-section1.png" alt="Workshop icon"></p>-->
- </div><!-- /.sidebar -->
- <div class="main">
- <h3>Strength in numbers</h3>
- <p>Each person who chooses to resist mass surveillance with encryption makes it easier for others to resist as well. People normalizing the use of strong encryption has multiple powerful effects: it means those who need privacy the most, like potential whistle-blowers and activists, are more likely to learn about encryption. More people using encryption for more things also makes it harder for surveillance systems to single out those that can't afford to be found, and shows solidarity with those people.</p>
- </div><!-- End .main -->
+<p>
+<img id="workshops-image"
+src="//static.fsf.org/nosvn/enc-dev0/img/en/screenshots/workshop-section1.png"
+alt="Workshop icon"></p>-->
+</div>
+<!-- /.sidebar -->
+<div class="main">
+
+<h3>众人拾柴火焰高</h3>
+
+<p>每个使用加密反抗大规模监控的人,同时让对方更容易反抗。普遍使用强加密有着多种强大的效果:这意味着那些最需要隐私的人,潜在的告密者和活动认识更有可能接触到加密。越多的人对越多的事物使用加密的同时,监控系统查找信息的成本会无法负担。</p>
+
+</div>
+<!-- End .main -->
+<div class="main">
+
+<h3>你所尊敬的人可能已经在使用加密</h3>
+
+<p>许多记者,告密者,活动人士以及研究者在使用 GnuPG,因此你的喷有可能不知不觉中听说过几位在使用它的人了。你可以搜索 "BEGIN PUBLIC
+KEY BLOCK" 加上关键词,制作出一个在使用 GnuPG 人物和组织列表,其中你的社区能够认出他们。</p>
+
+</div>
+<!-- End .main -->
+<div class="main">
+
+<h3>尊重朋友的隐私</h3>
+
+<p>没有办法判断是否存在隐私敏感的通信。因此,不要因为你觉得发给发给朋友的信件无关紧要而假定它不隐私敏感。</p>
+
+</div>
+<!-- End .main -->
+<div class="main">
- <div class="main">
- <h3>People you respect may already be using encryption</h3>
- <p>Many journalists, whistleblowers, activists, and researchers use GnuPG, so your friends might unknowingly have heard of a few people who use it already. You can search for "BEGIN PUBLIC KEY BLOCK" + keyword to help make a list of people and organizations who use GnuPG whom your community will likely recognize.</p>
- </div><!-- End .main -->
+<h3>隐私技术在现实世界很常见</h3>
- <div class="main">
- <h3>Respect your friends' privacy</h3>
- <p>There's no objective way to judge what constitutes privacy-sensitive correspondence. As such, it's better not to presume that just because you find an email you sent to a friend innocuous, your friend (or a surveillance agent, for that matter!) feels the same way. Show your friends respect by encrypting your correspondence with them.</p>
- </div><!-- End .main -->
+<p>在现实世界,我们拉上百叶窗,信封包装以及关闭房门来作为保护我们隐私的手段。为什么数字世界要有不同?</p>
+</div>
+<!-- End .main -->
+<div class="main">
- <div class="main">
- <h3>Privacy technology is normal in the physical world</h3>
- <p>In the physical realm, we take window blinds, envelopes, and closed doors for granted as ways of protecting our privacy. Why should the digital realm be any different?</p>
- </div><!-- End .main -->
+<h3>我们不应当信任邮件服务提供商给予的隐私</h3>
- <div class="main">
- <h3>We shouldn't have to trust our email providers with our privacy</h3>
- <p>Some email providers are very trustworthy, but many have incentives not to protect your privacy and security. To be empowered digital citizens, we need to build our own security from the bottom up.</p>
- </div><!-- End .main -->
+<p>有些邮件提供商非常值得信赖,但绝大多数提供商并没有保护你隐私和安全的动机。我们需要从“下层建筑”建立起自己的安全,才能成为数字公民。</p>
+</div>
+<!-- End .main -->
+</div>
+<!-- End #step-aa .step -->
+</div></section>
- </div><!-- End #step-2a .step -->
- </div>
- </section><!-- End #section1 -->
+<!-- End #section1 -->
+<!-- ~~~~~~~~~ Section 2: Plan The Workshop ~~~~~~~~~ -->
+<section class="row" id="section2"><div>
- <!-- ~~~~~~~~~ Section 2: Plan The Workshop ~~~~~~~~~ -->
- <section class="row" id="section2">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro" style="border: none; padding-bottom: 0px; margin-bottom: 0px;">
- <h2><em>#2</em> Plan The Workshop</h2>
- <p>Once you've got at least one interested friend, pick a date and start planning out the workshop. Tell participants to bring their computer and ID (for signing each other's keys). If you'd like to make it easy for the participants to use Diceware for choosing passwords, get a pack of dice beforehand. Make sure the location you select has an easily accessible Internet connection, and make backup plans in case the connection stops working on the day of the workshop. Libraries, coffee shops, and community centers make great locations. Try to get all the participants to set up an Enigmail-compatible email client before the event. Direct them to their email provider's IT department or help page if they run into errors.</p>
- <p>Estimate that the workshop will take at least forty minutes plus ten minutes for each participant. Plan extra time for questions and technical glitches.</p>
- <p>The success of the workshop requires understanding and catering to the unique backgrounds and needs of each group of participants. Workshops should stay small, so that each participant receives more individualized instruction. If more than a handful of people want to participate, keep the facilitator to participant ratio high by recruiting more facilitators, or by facilitating multiple workshops. Small workshops among friends work great!</p>
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro" style="border: none; padding-bottom: 0px;
+margin-bottom: 0px;">
- </div><!-- End .section-intro -->
+<h2><em>#2</em> 计划一场研讨会</h2>
- </div>
- </section><!-- End #section2 -->
+<p>你和至少一位感兴趣的朋友约好时间,便可以筹备研讨会了。告诉与会者带上他们的计算机和 ID(用于相互签名)。预先准备好骰子,这样你的朋友用
+Diceware
+方法生成密码会方便很多。确保你定的地点能方便上网,并做好研讨会当天断网的预案。图书馆,咖啡店以及社区中心都是合适地点之选。试着让与会者在会前安装
+Enigmail 兼容的邮件客户端。如果他们遇到问题,直接联系邮件提供商的 IT 部门。</p>
- <!-- ~~~~~~~~~ Section 3: Follow The Guide ~~~~~~~~~ -->
- <section class="row" id="section3">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro" style="border: none; padding-bottom: 0px; margin-bottom: 0px;">
- <h2><em>#3</em> Follow the guide as a group</h2>
- <p>Work through the Email Self-Defense guide a step at a time as a group. Talk about the steps in detail, but make sure not to overload the participants with minutia. Pitch the bulk of your instructions to the least tech-savvy participants. Make sure all the participants complete each step before the group moves on to the next one. Consider facilitating secondary workshops afterwards for people that had trouble grasping the concepts, or those that grasped them quickly and want to learn more.</p>
- <p>In <a href="index.html#section2">Section 2</a> of the guide, make sure the participants upload their keys to the same keyserver so that they can immediately download each other's keys later (sometimes there is a delay in synchronization between keyservers). During <a href="index.html#section3">Section 3</a>, give the participants the option to send test messages to each other instead of or as well as Edward. Similarly, in <a href="index.html#section4">Section 4</a>, encourage the participants to sign each other's keys. At the end, make sure to remind people to safely back up their revocation certificates.</p>
+<p>预计研讨会将持续四十分钟,每多一位与会者将额外花费十分钟。请准备好额外的时间应对问题和技术故障。</p>
- </div><!-- End .section-intro -->
- </div>
- </section>
+<p>研讨会的成功取决于了解每一位与会者的背景并满足他们的需求。研讨会应当尽可能的小,每位与会者都能受到个性化的指导。如果想要参与的人超出了你所能应付的范围,那么保持较高的主持者与与会者之比,或者举办多场研讨会。小型的研讨会往往效果更好。</p>
+
+</div>
+<!-- End .section-intro -->
+</div></section>
- <!-- ~~~~~~~~~ Section 4: Explain the pitfalls ~~~~~~~~~ -->
- <section class="row" id="section4">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro" style="border: none; padding-bottom: 0px; margin-bottom: 0px;">
- <h2><em>#4</em> Explain the pitfalls</h2>
- <p>Remind participants that encryption works only when it's explicitly used; they won't be able to send an encrypted email to someone who hasn't already set up encryption. Also remind participants to double-check the encryption icon before hitting send, and that subjects and timestamps are never encrypted.</p>
- <p> Explain the <a href="https://www.gnu.org/proprietary/proprietary.html">dangers of running a proprietary system</a> and advocate for free software, because without it, we can't <a href="https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance">meaningfully resist invasions of our digital privacy and autonomy</a>.</p>
+<!-- End #section2 -->
+<!-- ~~~~~~~~~ Section 3: Follow The Guide ~~~~~~~~~ -->
+<section class="row" id="section3"><div>
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro" style="border: none; padding-bottom: 0px;
+margin-bottom: 0px;">
- </div><!-- End .section-intro -->
+<h2><em>#3</em> 分组学习指南</h2>
- </div>
- </section><!-- End #section4 -->
+<p>分小组完成 Email Self-Defense
+指南中的步骤。具体而微地解释步骤,但确保不要超过与会者理解的上限。对于技术娴熟的与会者,可以大大提高指示的难度。确保组内成员完成了一步后再进行下一步。考虑后续为理解概念有困难的人,迅速掌握又想学到更多新知识的人提供第二次辅导研讨会。</p>
- <!-- ~~~~~~~~~ Section 5: Explain The Pitfalls ~~~~~~~~~ -->
- <section id="section5" class="row">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro" style="border: none; padding-bottom: 0px; margin-bottom: 0px;">
- <h2><em>#5</em> Share additional resources</h2>
- <p>GnuPG's advanced options are far too complex to teach in a single workshop. If participants want to know more, point out the advanced subsections in the guide and consider organizing another workshop. You can also share <a href="https://www.gnupg.org/documentation/index.html">GnuPG's</a> and <a href="https://www.enigmail.net/documentation/index.php">Enigmail's</a> official documentation and mailing lists. Many GNU/Linux distribution's Web sites also contain a page explaining some of GnuPG's advanced features.</p>
+<p>在本指南的 <a href="index.html#section2">Section 2</a>
+,确保每一位与会者都上传公钥到相同服务器(有时密钥服务器之间同步有延迟),他们可以立即下载各自的公钥。在 <a
+href="index.html#section3">Section 3</a>,让与会者有时间相互发送测试邮件,而不是给爱德华发邮件。相似地,在 <a
+href="index.html#section4">Section
+4</a>,鼓励与会者相互对彼此公钥签名。最后,提醒他们将吊销证书确保保存在安全的地方。</p>
- </div><!-- End .section-intro -->
+</div>
+<!-- End .section-intro -->
+</div></section>
- </div>
- </section><!-- End #section5 -->
+<!-- ~~~~~~~~~ Section 4: Explain the pitfalls ~~~~~~~~~ -->
+<section class="row" id="section4"><div>
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro" style="border: none; padding-bottom: 0px;
+margin-bottom: 0px;">
- <!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
- <section class="row" id="section6">
- <div>
- <!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
- <div class="section-intro" style="border: none; padding-bottom: 0px; margin-bottom: 0px;">
- <h2><em>#6</em> Follow up</h2>
- <p>Make sure everyone has shared email addresses and public key fingerprints before they leave. Encourage the participants to continue to gain GnuPG experience by emailing each other. Send them each an encrypted email one week after the event, reminding them to try adding their public key ID to places where they publicly list their email address.</p>
- <p>If you have any suggestions for improving this workshop guide, please let us know at <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>.</p>
+<h2><em>#4</em> 说明容易犯的错误</h2>
- </div><!-- End .section-intro -->
+<p>提醒与会者,加密只有在明确使用时才有效;他们无法向未设置加密的人发送加密信件。同时提醒与会者,在点击发送前再次检查加密图标,以及邮件主题和时间戳从来不会被加密。</p>
+<p> 解释<a
+href="https://www.gnu.org/proprietary/proprietary.html">运行专有操作系统的危险</a>,并倡导自由软件,因为没有后者,我们就无法<a
+href="https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance">行之有效地对抗对我们数字隐私和自治的侵犯</a>。</p>
+
+</div>
+<!-- End .section-intro -->
+</div></section>
- </div>
- </section><!-- End #section6 -->
- <!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
- <!-- When un-commenting this section go to main.css and search
- for /* Guide Sections Background */ then add #faq to the desired color
+<!-- End #section4 -->
+<!-- ~~~~~~~~~ Section 5: Explain The Pitfalls ~~~~~~~~~ -->
+<section id="section5" class="row"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro" style="border: none; padding-bottom: 0px;
+margin-bottom: 0px;">
+
+<h2><em>#5</em> 分享额外资源</h2>
+
+<p>GnuPG 的高级操作太复杂以至于无法在一场研讨会上教授完毕。如果与会者想了解更多,告诉他们本指南中有进阶章节,或者考虑参加下一场研讨会。你也可以分享
+<a href="https://www.gnupg.org/documentation/index.html">GnuPG</a> 和<a
+href="https://www.enigmail.net/documentation/index.php">Enigmail</a>
+的官方文档和邮件列表。许多 GNU/Linux 发行版也提供了一些对 GnuPG 高级功能的说明页面。</p>
- <section class="row" id="faq">
- <div>
- <div class="sidebar">
- <h2>FAQ</h2>
</div>
+<!-- End .section-intro -->
+</div></section>
+
+
+<!-- End #section5 -->
+<!-- ~~~~~~~~~ Section 6: Next steps ~~~~~~~~~ -->
+<section class="row" id="section6"><div>
+
+
+<!-- ~~~~~~~~~ section introduction: interspersed text ~~~~~~~~~ -->
+<div class="section-intro" style="border: none; padding-bottom: 0px;
+margin-bottom: 0px;">
+
+<h2><em>#6</em> 坚持到底</h2>
+
+<p>确保所有人在离开前交换了电子邮箱地址和公钥指纹。通过互相发送邮件,鼓励与会者继续使用
+GnuPG。在活动结束一周后,给他们各自发送一封加密邮件,提醒他们将公钥 ID 放置在他们公开邮箱地址的地方。</p>
+<p>如果你有任何对本指南的建议,请来信 <a href="mailto:campaigns@fsf.org">campaigns@fsf.org</a>
+告知我们。</p>
+
+</div>
+<!-- End .section-intro -->
+</div></section>
+
+
+
+
+
+<!-- End #section6 -->
+<!-- ~~~~~~~~~ FAQ ~~~~~~~~~ -->
+<!-- When un-commenting this section go to main.css and search
+for /* Guide Sections Background */ then add #faq to the desired color
+<section class="row" id="faq">
+<div>
+<div class="sidebar">
+
+<h2>FAQ</h2>
+
+</div>
<div class="main">
+
<dl>
<dt>My key expired</dt>
<dd>Answer coming soon.</dd>
<dt>Who can read encrypted messages? Who can read signed ones?</dt>
<dd>Answer coming soon.</dd>
-<dt>My email program is opening at times I don't want it to open/is now my default program and I don't want it to be.</dt>
+<dt>My email program is opening at times I don't want it to open/is now my
+default program and I don't want it to be.</dt>
<dd>Answer coming soon.</dd>
</dl>
+
</div>
</div>
-</section> --><!-- End #faq -->
-
-<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
- <footer class="row" id="footer">
- <div>
- <div id="copyright">
- <h4><a href="https://u.fsf.org/ys"><img alt="Free Software Foundation" src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
- <p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software Foundation</a>, Inc. <a href="https://my.fsf.org/donate/privacypolicy.html">Privacy Policy</a>. Please support our work by <a href="https://u.fsf.org/yr">joining us as an associate member.</a></p>
-
-<p>The images on this page are under a <a href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 license (or later version)</a>, and the rest of it is under a <a href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download the <a href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">source code of Edward reply bot</a> by Andrew Engelbrecht <sudoman@ninthfloor.org> and Josh Drake <zamnedix@gnu.org>, available under the GNU Affero General Public License. <a href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">Why these licenses?</a></p>
-
-<p>Fonts used in the guide & infographic: <a href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> by Pablo Impallari, <a href="http://www.google.com/fonts/specimen/Signika">Signika</a> by Anna Giedryś, <a href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo Narrow</a> by Omnibus-Type, <a href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a> by Florian Cramer.</p>
+</section> -->
+<!-- End #faq -->
+<!-- ~~~~~~~~~ Footer ~~~~~~~~~ -->
+<footer class="row" id="footer"><div>
+<div id="copyright">
+
+<h4><a href="https://u.fsf.org/ys"><img
+alt="自由软件基金会"
+src="//static.fsf.org/nosvn/enc-dev0/img/fsf-logo.png" /></a></h4>
+
+<p>Copyright © 2014-2016 <a href="https://u.fsf.org/ys">Free Software
+Foundation</a>, Inc. <a
+href="https://my.fsf.org/donate/privacypolicy.html">隐私政策</a>. <a
+href="https://u.fsf.org/yr">成为会员</a>,以支持我们的工作。</p>
+
+<p>此页面上的图片采用 <a href="https://creativecommons.org/licenses/by/4.0/">知识共享 署名 4.0
+许可协议(或较新版本)</a>进行许可,其余部分以<a
+href="https://creativecommons.org/licenses/by-sa/4.0">知识共享 署名-相同方式 4.0 许可协议
+(或较新版本)</a>进行许可。下载<a
+href="http://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz">爱德华自动回复机器人的源代码</a>
+由 Andrew Engelbrecht <sudoman@ninthfloor.org> 和 Josh Drake
+<zamnedix@gnu.org> 编写,采用 GNU Affero General Public License 许可证进行许可。<a
+href="http://www.gnu.org/licenses/license-list.html#OtherLicenses">为什么要这些许可协议?</a></p>
+
+<p>本指南和信息图所使用的字体:<a
+href="https://www.google.com/fonts/specimen/Dosis">Dosis</a> 由 Pablo
+Impallari 设计, <a
+href="http://www.google.com/fonts/specimen/Signika">Signika</a> 由 Anna
+Giedryś 设计,<a
+href="http://www.google.com/fonts/specimen/Archivo+Narrow">Archivo
+Narrow</a> 由 Omnibus-Type 设计,<a
+href="https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls">PXL-2000</a>
+由 Florian Cramer 设计。</p>
+
+<p>下载本指南(包含字体,图片文件和爱德华邮件的文本)的<a href="emailselfdefense_source.zip">源码包</a>。</p>
+
+<p>本站使用 Weblabels 标准标记 <a href="https://www.fsf.org/campaigns/freejs">自由的
+JavaScript</a>。 查看 JavaScript <a
+href="//weblabels.fsf.org/emailselfdefense.fsf.org/"
+rel="jslicense">源代码和许可证信息</a>。</p>
-<p>Download the <a href="emailselfdefense_source.zip">source package</a> for this guide, including fonts, image source files and the text of Edward's messages.</p>
+</div>
-<p>This site uses the Weblabels standard for labeling <a href="https://www.fsf.org/campaigns/freejs">free JavaScript</a>. View the JavaScript <a href="//weblabels.fsf.org/emailselfdefense.fsf.org/" rel="jslicense">source code and license information</a>.</p>
- </div><!-- /#copyright -->
- <p class="credits">
- Infographic and guide design by <a rel="external" href="http://jplusplus.org"><strong>Journalism++</strong> <img src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png" alt="Journalism++" /></a>
- </p><!-- /.credits -->
- </div>
- </footer><!-- End #footer -->
+<!-- /#copyright -->
+<p class="credits">信息图和指南设计由 <a rel="external"
+href="http://jplusplus.org"><strong>Journalism++</strong> <img
+src="//static.fsf.org/nosvn/enc-dev0/img/jplusplus.png"
+alt="Journalism++" /></a></p>
+<!-- /.credits -->
+</div></footer>
+<!-- End #footer -->
<script src="//static.fsf.org/nosvn/enc-dev0/js/jquery-1.11.0.min.js"></script>
<script src="//static.fsf.org/nosvn/enc-dev0/js/scripts.js"></script>
+
<!-- Piwik -->
<script type="text/javascript" >
// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
} catch( err ) {}
// @license-end
</script><noscript><p><img src="//piwik.fsf.org/piwik.php?idsite=13" style="border:0" alt="" /></p></noscript>
-<!-- End Piwik Tracking Code -->
+
+<!-- End Piwik Tracking Code -->
</body>
</html>
projects / enc.git / commitdiff