From a4eb392616d5ed14380e765da9f1b2793f5c820d Mon Sep 17 00:00:00 2001 From: zoe1 Date: Tue, 13 Jul 2021 00:41:41 +0200 Subject: [PATCH] edits comments Johnh --- en/index.html | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/en/index.html b/en/index.html index 1cd5f1a..526d1b0 100644 --- a/en/index.html +++ b/en/index.html @@ -445,7 +445,7 @@ window.addEventListener("keydown", function (event) { @@ -628,7 +628,7 @@ page.
Use a third-party package manager to install GnuPG
Your macOS comes with a terminal pre-installed, which we'll use to setup your encryption with GnuPG. However, the default macOS package manager makes it difficult to install GnuPG and other pieces of free software (like Emacs, GIMP, or Inkscape).

-To make things easier, we recommend setting up the third-party package manager "Homebrew" to install GnuPG. Copy the link on the home page of Homebrew and paste it in your Terminal. Click "Enter" and wait for it to finalize.

+To make things easier, we recommend setting up the third-party package manager "Homebrew" to install GnuPG. Copy the link on the home page of Homebrew and paste it in your terminal. Click "Enter" and wait for it to finalize.

When it is done, install the program by entering the following code:

brew install gnupg gnupg2. After installation is done, you can follow the steps of the rest of this guide.
@@ -657,7 +657,7 @@ Open the "Powershell" and follow the steps of the rest of this guide.
-

GnuPG,OpenPGP, what?

+

GnuPG, OpenPGP, what?

In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the @@ -850,8 +850,8 @@ takes a few hours for them to match each other when a new key is uploaded.

Troubleshooting

-
My key is doesn't seem to be working or I get a "permission denied".
-
Like everything other file or folder, gpg keys are subject to permissions. If these are not set correctly, your system may not be accepting your keys, you can follow the next steps to check, and update to the right permissions.

+
My key doesn't seem to be working or I get a "permission denied".
+
Like every other file or folder, gpg keys are subject to permissions. If these are not set correctly, your system may not be accepting your keys. You can follow the next steps to check, and update to the right permissions.

# Check your permissions: ls -l ~/.gnupg/*

# Set permissions to read, write, execute for only yourself, no others. This is the recommended permission for your folder, you can use the code @@ -883,7 +883,7 @@ href="https://www.gnupg.org/gph/en/manual/x56.html#AEN64">directly export your key as a file on your computer.
Transferring your keys
-
Use the following commands transfer your keys. To avoid getting your key compromised, store it in a safe place, and make sure that if it is transferred, it is done so in a trusted way. Importing and exporting a key can be done with the following commands:

+
Use the following commands to transfer your keys. To avoid getting your key compromised, store it in a safe place, and make sure that if it is transferred, it is done so in a trusted way. Importing and exporting a key can be done with the following commands:

$ gpg --export-secret-keys -a keyid > my_private_key.asc

@@ -895,14 +895,14 @@ $ gpg --import my_private_key.asc

$ gpg --import my_public_key.asc

 -Ensure that the Key ID printed is the correct one, and if so, then go ahead and add ultimate trust for it:

+Ensure that the keyID printed is the correct one, and if so, then go ahead and add ultimate trust for it:

$ gpg --edit-key [your@email]

 Because this is your key, you should choose ultimate. You shouldn't trust anyone else's key ultimately. -

Refer to troubleshoot in step 2.B for more information on permissions. When transferring keys, your permissions may get mixed, and errors may be prompted. These have are easily avoided when your folders and files have the right permissions

+

Refer to troubleshoot in step 2.B for more information on permissions. When transferring keys, your permissions may get mixed, and errors may be prompted. These are easily avoided when your folders and files have the right permissions

@@ -948,7 +948,7 @@ Once you have set up your email with encryption, you can start contributing to e

# Select the file you saved under the name [my_secret_key.asc] in step step 3.b when you exported your key

# Unlock with your passphrase

# You will receive a "OpenPGP keys successfully imported" window to confirm success

-

# Go to "Edit" (in Icedove) or "Tools" (in Thunderbird) → "Account settings" → "End-To-End Encryption", and make sure your key is imported and select Treat this key as a Personal Key.

+

# Go to "Edit" (in Icedove) or "Tools" (in Thunderbird) → "Account settings" → "End-To-End Encryption," and make sure your key is imported and select Treat this key as a Personal Key.

@@ -981,7 +981,7 @@ page.

#4 Try it out!

Illustration of a person in a house with a cat connected to a server

-

Now you'll try a test correspondence with a computer program named Edward, +

Now you'll try a test correspondence with an FSF computer program named Edward, who knows how to use encryption. Except where noted, these are the same steps you'd follow when corresponding with a real, live person.

@@ -1006,7 +1006,7 @@ alt="Step 4.A Send key to Edward." />

This is a special step that you won't have to do when corresponding with real people. In your email program's menu, go to "Tools" → "OpenPGP Key -Manager". You should see your key in the list that pops up. Right click +Manager." You should see your key in the list that pops up. Right click on your key and select Send Public Keys by Email. This will create a new draft message, as if you had just hit the "Write" button, but in the attachment you will find your public keyfile.

Address the message to edward-en@fsf.org. Put at least one word

It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the Use it Well section of this guide. Once he's responded, +href="#section6">Use it Well section of this guide. Once you received a response, head to the next step. From here on, you'll be doing just the same thing as when corresponding with a real person.

@@ -1060,9 +1060,9 @@ Edward's private key is required to decrypt it. Edward is the only one with its private key, so no one except Edward can decrypt it.


-
Send Edward an encrpyted email
+
Send Edward an encrypted email
-

# Write a new email in your email program, addressed to Write a new email in your email program, addressed to edward-en@fsf.org. Make the subject "Encryption test" or something similar and write something in the body.

@@ -1080,7 +1080,7 @@ href="mailto:edward-en@fsf.org">edward-en@fsf.org. Make the subject
You may be trying to send an encrypted email to someone when you do not have their public key yet. Make sure you follow the steps above to import the key to your key manager. Open OpenPGP Key Manager to make sure the recipient is listed there.
Unable to send message
-
You could get the following message when trying to send your encrypted email: "Unable to send this message with end-to-end encryption, because there are problems with the keys of the following recipients: edward-en@fsf.org." This usually means you imported the key with the "unaccepted (unverified) option, if you go to the "key properties" of this key by right clicking on the key in the OpenPGP Key Manager, you can select the option Yes, but I have not verified that this is the correct key. in the "Acceptance" option at the bottom of this window. Resend the email.
+
You could get the following message when trying to send your encrypted email: "Unable to send this message with end-to-end encryption, because there are problems with the keys of the following recipients: edward-en@fsf.org." This usually means you imported the key with the "unaccepted (unverified) option," if you go to the "key properties" of this key by right clicking on the key in the OpenPGP Key Manager, you can select the option Yes, but I have not verified that this is the correct key. in the "Acceptance" option at the bottom of this window. Resend the email.
I can't find Edward's key
Close the pop-ups that have appeared since you clicked Send. Make sure @@ -1134,7 +1134,7 @@ independent of the actual email.

For greater security against potential attacks, you can turn off HTML. Instead, you can render the message body as plain text. In order -to do this in Thunderbird, go to View > Message Body As > Plain +to do this in email clients based on Thunderbird, go to View > Message Body As > Plain Text.

@@ -1186,7 +1186,7 @@ they don't have GnuPG, they will be able to read your message and see your signature. If they do have GnuPG, they'll also be able to verify that your signature is authentic.

-

To sign an email to Edward, compose any message to him and click the +

To sign an email to Edward, compose any message to the email address and click the pencil icon next to the lock icon so that it turns gold. If you sign a message, GnuPG may ask you for your password before it sends the message, because it needs to unlock your private key for signing.

@@ -1270,7 +1270,7 @@ alt="Section 5: trusting a key" />

In your email program's menu, go to OpenPGP Key Manager and select Key properties by right clicking on Edward's key.

-

Under "Your Acceptance", you can select Yes, I've verified in person this key has the correct fingerprint"

+

Under "Your Acceptance," you can select Yes, I've verified in person this key has the correct fingerprint"

You've just effectively said "I trust that Edward's public key actually belongs to Edward." This doesn't mean much because Edward isn't @@ -1311,8 +1311,8 @@ wherever you share your email address, so that people can double-check that they have the correct public key when they download yours from a keyserver.

You may also see public keys referred to by a shorter -key ID. This key ID is visible directly from the Key Management -window. These eight character key IDs were previously used for +keyID. This keyID is visible directly from the Key Management +window. These eight character keyIDs were previously used for identification, which used to be safe, but is no longer reliable. You need to check the full fingerprint as part of verifying you have the correct key for the person you are trying to contact. Spoofing, in @@ -1334,7 +1334,7 @@ belongs to them, and that they are who they say they are. Ideally, this confidence comes from having interactions and conversations with them over time, and witnessing interactions between them and others. Whenever signing a key, ask to see the full public key fingerprint, and not just the shorter -key ID. If you feel it's important to sign the key of someone you've just +keyID. If you feel it's important to sign the key of someone you've just met, also ask them to show you their government identification, and make sure the name on the ID matches the name on the public key.

@@ -1347,7 +1347,7 @@ sure the name on the ID matches the name on the public key.

Master the Web of Trust
Unfortunately, trust does not spread between users the way many people -think. One of best ways to strengthen the GnuPG community is to deeply . One of the best ways to strengthen the GnuPG community is to deeply understand the Web of Trust and to carefully sign as many people's keys as circumstances permit.
-- 2.25.1