msgid "Email Self-Defense - a guide to fighting surveillance with GnuPG encryption" msgstr "" #. type: Attribute 'content' of: <html><head><meta> msgid "" "GnuPG, GPG, openpgp, surveillance, privacy, email, security, GnuPG2, " "encryption" msgstr "" #. type: Attribute 'content' of: <html><head><meta> msgid "" "Email surveillance violates our fundamental rights and makes free speech " "risky. This guide will teach you email self-defense in 40 minutes with " "GnuPG." msgstr "" #. type: Attribute 'content' of: <html><head><meta> msgid "width=device-width, initial-scale=1" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "" "<strong>Please check your email for a confirmation link now. Thanks for " "joining our list!</strong>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "" "If you don't receive the confirmation link, send us an email at info@fsf.org " "to be added manually." msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><p><img> msgid "Try it out." msgstr "" #. type: Content of: <html><body><header><div><p> msgid "Join us on microblogging services for day-to-day updates:" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><a> msgid "<a href=\"https://status.fsf.org/fsf\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[GNU Social]" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><a> msgid " GNU Social</a> | <a href=\"https://hostux.social/@fsf\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[Mastodon]" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" " Mastodon</a> | <a " "href=\"https://www.twitter.com/fsf\">Twitter</a>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "" "<small><a href=\"https://www.fsf.org/twitter\">Read why GNU Social and " "Mastodon are better than Twitter.</a></small>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "← Return to <a href=\"index.html\">Email Self-Defense</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><h4><a> msgid "<a href=\"https://u.fsf.org/ys\">" msgstr "" #. type: Attribute 'alt' of: <html><body><footer><div><div><h4><a><img> msgid "Free Software Foundation" msgstr "" #. type: Content of: <html><body><footer><div><p> msgid "</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Copyright © 2014-2021 <a href=\"https://u.fsf.org/ys\">Free Software " "Foundation</a>, Inc. <a " "href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy " "Policy</a>. Please support our work by <a " "href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "The images on this page are under a <a " "href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons " "Attribution 4.0 license (or later version)</a>, and the rest of it is under " "a <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative " "Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download " "the <a " "href=\"https://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> " "source code of Edward reply bot</a> by Andrew Engelbrecht " "<andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>, " "available under the GNU Affero General Public License. <a " "href=\"https://www.gnu.org/licenses/license-list.html#OtherLicenses\">Why " "these licenses?</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Fonts used in the guide & infographic: <a " "href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo " "Impallari, <a " "href=\"https://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna " "Giedryś, <a " "href=\"https://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo " "Narrow</a> by Omnibus-Type, <a " "href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> " "by Florian Cramer." msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Download the <a href=\"emailselfdefense_source.zip\">source package</a> for " "this guide, including fonts, image source files and the text of Edward's " "messages." msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "This site uses the Weblabels standard for labeling <a " "href=\"https://www.fsf.org/campaigns/freejs\">free JavaScript</a>. View the " "JavaScript <a href=\"https://weblabels.fsf.org/emailselfdefense.fsf.org/\" " "rel=\"jslicense\">source code and license information</a>." msgstr "" #. type: Content of: <html><body><footer><div><p><a> msgid "" "Infographic and guide design by <a rel=\"external\" " "href=\"https://jplusplus.org\"><strong>Journalism++</strong>" msgstr "" #. type: Attribute 'alt' of: <html><body><footer><div><p><a><img> msgid "Journalism++" msgstr "" #. type: Content of: <html><body><header><div><h1> msgid "Email Self-Defense" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "" "<strong><a " "href=\"https://libreplanet.org/wiki/GPG_guide/Translation_Guide\"> " "Translate!</a></strong>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"index.html\" class=\"current\">Set up guide</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"workshops.html\">Teach your friends</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "" "<a " "href=\"http://hhldo3tnt5solzj2bwfvh7xm4slk2forpjwjyemhcfrlob5gq75gioid.onion/en\" " "target=\"_blank\">This site's tor onion service</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li><a> msgid "" "<a " "href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email%20encryption%20for%20everyone%20via%20%40fsf\"> " "Share " msgstr "" #. type: Content of: <html><body><header><div><ul><li><a> msgid " " msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[Reddit]" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[Hacker News]" msgstr "" #. type: Content of: <html><body><header><div><div><div><p> msgid "" "We fight for computer users' rights, and promote the development of free (as " "in freedom) software. Resisting bulk surveillance is very important to us." msgstr "" #. type: Content of: <html><body><header><div><div><div><p> msgid "" "<strong>Please donate to support Email Self-Defense. We need to keep " "improving it, and making more materials, for the benefit of people around " "the world taking the first step towards protecting their privacy.</strong>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><a> msgid "" "<a " "href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&mtm_campaign=email_self_defense&mtm_kwd=guide_donate\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> msgid "Donate" msgstr "" #. type: Content of: <html><body><header><div><div><div><h5> msgid "Sign up" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "Enter your email address to receive our monthly newsletter, the" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "" "<a href=\"https://www.fsf.org/free-software-supporter/\">Free Software " "Supporter</a>" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "" "<input id=\"frmEmail\" type=\"text\" name=\"email-Primary\" size=\"18\" " "maxlength=\"80\" />" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "<input type=\"submit\" name=\"_qf_Edit_next\" value=\"Subscribe me\" />" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><div> msgid "" "<input name=\"postURL\" type=\"hidden\" value=\"\" /> <input type=\"hidden\" " "name=\"group[25]\" value=\"1\" /> <input name=\"cancelURL\" type=\"hidden\" " "value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=31\" /> <input " "name=\"_qf_default\" type=\"hidden\" value=\"Edit:cancel\" />" msgstr "" #. type: Content of: <html><body><header><div><div><p><a> msgid "<a id=\"infographic\" href=\"infographic.html\">" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><a><img> msgid "View & share our infographic →" msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "</a> Bulk surveillance violates our fundamental rights and makes free speech " "risky. This guide will teach you a basic surveillance self-defense skill: " "email encryption. Once you've finished, you'll be able to send and receive " "emails that are scrambled to make sure a surveillance agent or thief " "intercepting your email can't read them. All you need is a computer with an " "Internet connection, an email account, and about forty minutes." msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "Even if you have nothing to hide, using encryption helps protect the privacy " "of people you communicate with, and makes life difficult for bulk " "surveillance systems. If you do have something important to hide, you're in " "good company; these are the same tools that whistleblowers use to protect " "their identities while shining light on human rights abuses, corruption, and " "other crimes." msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "In addition to using encryption, standing up to surveillance requires " "fighting politically for a <a " "href=\"https://gnu.org/philosophy/surveillance-vs-democracy.html\">reduction " "in the amount of data collected on us</a>, but the essential first step is " "to protect yourself and make surveillance of your communication as difficult " "as possible. This guide helps you do that. It is designed for beginners, but " "if you already know the basics of GnuPG or are an experienced free software " "user, you'll enjoy the advanced tips and the <a " "href=\"workshops.html\">guide to teaching your friends</a>." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#1</em> Get the pieces" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "This guide relies on software which is <a " "href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; " "it's completely transparent and anyone can copy it or make their own " "version. This makes it safer from surveillance than proprietary software " "(like Windows or macOS). Learn more about free software at <a " "href=\"https://u.fsf.org/ys\">fsf.org</a>." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Most GNU/Linux operating systems come with GnuPG installed on them, so if " "you're running one of these systems, you don't have to download it. If " "you're running macOS or Windows, steps to download GnuPG are below. Before " "configuring your encryption setup with this guide, though, you'll need a " "desktop email program installed on your computer. Many GNU/Linux " "distributions have one installed already, such as Icedove, which may be " "under the alternate name \"Thunderbird.\" Programs like these are another " "way to access the same email accounts you can access in a browser (like " "Gmail), but provide extra features." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 1.A: Install Wizard" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 1.a</em> Set up your email program with your email account" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Open your email program and follow the wizard (step-by-step walkthrough) " "that sets it up with your email account. This usually starts from \"Account " "Settings\" → \"Add Mail Account\". You should get the email server " "settings from your systems administrator or the help section of your email " "account." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "Troubleshooting" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "The wizard doesn't launch" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can launch the wizard yourself, but the menu option for doing so is " "named differently in each email program. The button to launch it will be in " "the program's main menu, under \"New\" or something similar, titled " "something like \"Add account\" or \"New/Existing email account.\"" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "The wizard can't find my account or isn't downloading my mail" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Before searching the Web, we recommend you start by asking other people who " "use your email system, to figure out the correct settings." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I can't find the menu" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "In many new email programs, the main menu is represented by an image of " "three stacked horizontal bars." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Don't see a solution to your problem?" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Please let us know on the <a " "href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">feedback " "page</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 1.b</em> Install GnuPG" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you are using a GNU/Linux machine, you should already have GnuPG " "installed, and you can skip to <a href=\"#section2\">Section 2</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you are using a macOS or Windows machine, however, you need to first " "install the GnuPG program. Select your operating system below and follow the " "instructions. For the rest of this guide, the steps are the same for all " "operating systems." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "macOS" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Use a third-party package manager to install GnuPG" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "The default macOS package manager makes it difficult to install GnuPG and " "other pieces of free software (like Emacs, GIMP, or Inkscape). To make " "things easier, we recommend setting up the third-party package manager " "\"Homebrew\" to install GnuPG. For this, we will use a program called " "\"Terminal,\" which is pre-installed on macOS." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "# Copy the first command on the home page of <a " "href=\"https://brew.sh/\">Homebrew</a> by clicking on the clipboard icon, " "and paste it in Terminal. Click \"Enter\" and wait for the installation to " "finalize." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "# Then install GnuPG by entering the following code in Terminal:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "<code>brew install gnupg gnupg2</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "Windows" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Get GnuPG by downloading GPG4Win" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "<a href=\"https://www.gpg4win.org/\">GPG4Win</a> is an email and file " "encryption software package that includes GnuPG. Download and install the " "latest version, choosing default options whenever asked. After it's " "installed, you can close any windows that it creates." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "GnuPG, OpenPGP, what?" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are " "used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the " "encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) " "is the program that implements the standard. Most email programs provide an " "interface for GnuPG. There is also a newer version of GnuPG, called GnuPG2." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#2</em> Make your keys" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "A robot with a head shaped like a key holding a private and a public key" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "To use the GnuPG system, you'll need a public key and a private key (known " "together as a keypair). Each is a long string of randomly generated numbers " "and letters that are unique to you. Your public and private keys are linked " "together by a special mathematical function." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Your public key isn't like a physical key, because it's stored in the open " "in an online directory called a keyserver. People download it and use it, " "along with GnuPG, to encrypt emails they send to you. You can think of the " "keyserver as a phonebook; people who want to send you encrypted email can " "look up your public key." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Your private key is more like a physical key, because you keep it to " "yourself (on your computer). You use GnuPG and your private key together to " "descramble encrypted emails other people send to you. <strong>You should " "never share your private key with anyone, under any circumstances.</strong>" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "In addition to encryption and decryption, you can also use these keys to " "sign messages and check the authenticity of other people's signatures. We'll " "discuss this more in the next section." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 2.A: Make your Keypair" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 2.A: Set your passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 2.a</em> Make a keypair" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Make your keypair" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "We will use the command line in a terminal to create a keypair using the " "GnuPG program." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Whether on GNU/Linux, macOS or Windows, you can launch your terminal " "(\"Terminal\" in macOS, \"PowerShell\" in Windows) from the Applications " "menu (some GNU/Linux systems respond to the <kbd>Ctrl + Alt + T</kbd> " "shortcut)." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Enter <code>gpg --full-generate-key</code> to start the process." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# To answer what kind of key you would like to create, select the default " "option: <samp>1 RSA and RSA</samp>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Enter the following keysize: <code>4096</code> for a strong key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Choose the expiration date; we suggest <code>2y</code> (2 years)." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "Follow the prompts to continue setting up with your personal details." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Depending on your version of GPG, you may need to use <code>--gen-key</code> " "instead of <code>--full-generate-key</code>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You can set further options by running <code>gpg --edit-key " "[your@email]</code> in a terminal window." msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Set your passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "On the screen titled \"Passphrase,\" pick a strong passphrase! You can do it " "manually, or you can use the Diceware method. Doing it manually is faster " "but not as secure. Using Diceware takes longer and requires dice, but " "creates a passphrase that is much harder for attackers to figure out. To use " "it, read the section \"Make a secure passphrase with Diceware\" in <a " "href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\"> " "this article</a> by Micah Lee." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you'd like to pick a passphrase manually, come up with something you can " "remember which is at least twelve characters long, and includes at least one " "lower case and upper case letter and at least one number or punctuation " "symbol. Never pick a passphrase you've used elsewhere. Don't use any " "recognizable patterns, such as birthdays, telephone numbers, pets' names, " "song lyrics, quotes from books, and so on." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "GnuPG is not installed" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can check if this is the case with the command <code>gpg " "--version</code>. If GnuPG is not installed, it will bring up the " "following result on most GNU/Linux operating systems, or something like it: " "<samp>Command 'gpg' not found, but can be installed with: sudo apt install " "gnupg</samp>. Follow that command and install the program." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "<i>gpg --full-generate-key</i> command not working" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Some distributions use a different version of GPG. When you receive an error " "code that is something along the lines of: <samp>gpg: Invalid option " "\"--full-generate-key\"</samp>, you can try the following commands:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "<code>sudo apt update</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "<code>sudo apt install gnupg2</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "<code>gpg2 --full-generate-key</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "If this resolved the issue, you need to continue to use the gpg2 identifier " "instead of gpg throughout the following steps of the guide." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I took too long to create my passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "That's okay. It's important to think about your passphrase. When you're " "ready, just follow the steps from the beginning again to create your key." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "How can I see my key?" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Use the following command to see all keys: <code>gpg " "--list-keys</code>. Yours should be listed in there, and later, so " "will Edward's (<a href=\"#section3\">Section 3</a>)." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "If you want to see only your key, you can use <code>gpg --list-key " "[your@email]</code>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can also use <code>gpg --list-secret-key</code> to see your own private " "key." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "More resources" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "For more information about this process, you can also refer to <a " "href=\"https://www.gnupg.org/gph/en/manual/c14.html#AEN25\">The GNU Privacy " "Handbook</a>. Make sure you stick with \"RSA and RSA\" (the default), " "because it's newer and more secure than the algorithms the documentation " "recommends. Also make sure your key is at least 4096 bits if you want " "to be secure." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "Advanced" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Advanced key pairs" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "When GnuPG creates a new keypair, it compartmentalizes the encryption " "function from the signing function through <a " "href=\"https://wiki.debian.org/Subkeys\">subkeys</a>. If you use subkeys " "carefully, you can keep your GnuPG identity more secure and recover from a " "compromised key much more quickly. <a " "href=\"https://alexcabal.com/creating-the-perfect-gpg-keypair/\">Alex " "Cabal</a> and <a href=\"https://keyring.debian.org/creating-key.html\">the " "Debian wiki</a> provide good guides for setting up a secure subkey " "configuration." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 2.B: Send to server and generate a certificate" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 2.b</em> Some important steps following creation" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Upload your key to a keyserver" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "We will upload your key to a keyserver, so if someone wants to send you an " "encrypted message, they can download your public key from the " "Internet. There are multiple keyservers that you can select from the menu " "when you upload, but they are mostly all copies of each other. Any server " "will work, but it's good to remember which one you uploaded your key to " "originally. Also keep in mind, sometimes takes a few hours for them to match " "each other when a new key is uploaded." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Copy your keyID: <code>gpg --list-key [your@email]</code> will list your " "public (\"pub\") key information, including your keyID, which is a unique " "list of numbers and letters. Copy this keyID, so you can use it in the " "following command." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Upload your key to a server: <code>gpg --send-key [keyID]</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Export your key to a file" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Use the following command to export your secret key so you can import it " "into your email client at the next <a href=\"#section3\">step</a>. To avoid " "getting your key compromised, store this in a safe place, and make sure that " "if it is transferred, it is done so in a trusted way. Exporting your keys " "can be done with the following commands:" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><code> msgid "<code> $ gpg --export-secret-keys -a [keyID] > my_secret_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "$ gpg --export -a [keyID] > my_public_key.asc </code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Generate a revocation certificate" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Just in case you lose your key, or it gets compromised, you want to generate " "a certificate and choose to save it in a safe place on your computer for now " "(please refer to <a href=\"#step-6c\">Step 6.C</a> for how to best store " "your revocation cerficate safely). This step is essential for your email " "self-defense, as you'll learn more about in <a href=\"#section5\">Section " "5</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Generate a revocation certificate: <code>gpg --gen-revoke --output " "revoke.asc [keyID]</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# It will prompt you to give a reason for revocation, we recommend to use " "<samp>1 = key has been compromised</samp>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# You don't have to fill in a reason, but you can; then press \"Enter\" for " "an empty line, and confirm your selection." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Sending my key to the keyserver is not working" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Instead of using the general command to upload your key to the keyserver, " "you can use a more specific command and add the keyserver to your command " "<code>gpg --keyserver keys.openpgp.org --send-key [keyID]</code>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "My key doesn't seem to be working or I get a \"permission denied.\"" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Like every other file or folder, gpg keys are subject to permissions. If " "these are not set correctly, your system may not be accepting your keys. You " "can follow the next steps to check, and update to the right permissions." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "# Check your permissions: <code>ls -l ~/.gnupg/*</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "# Set permissions to read, write, execute for only yourself, no " "others. These are the recommended permissions for your folder." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "You can use the command: <code>chmod 700 ~/.gnupg</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "# Set permissions to read and write for yourself only, no others. These are " "the recommended permissions for the keys inside your folder." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "You can use the code: <code>chmod 600 ~/.gnupg/*</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "If you have (for any reason) created your own folders inside ~/.gnupg, you " "must also additionally apply execute permissions to that folder. Folders " "require execution privileges to be opened. For more information on " "permissions, you can check out <a " "href=\"https://helpdeskgeek.com/linux-tips/understanding-linux-permissions-chmod-usage/\">this " "detailed information guide</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "More about keyservers" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can find some more keyserver information <a " "href=\"https://www.gnupg.org/gph/en/manual/x457.html\">in this " "manual</a>. You can also <a " "href=\"https://www.gnupg.org/gph/en/manual/x56.html#AEN64\">directly export " "your key</a> as a file on your computer." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Transferring your keys" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Use the following commands to transfer your keys. To avoid getting your key " "compromised, store it in a safe place, and make sure that if it is " "transferred, it is done so in a trusted way. Importing and exporting a key " "can be done with the following commands:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p><code> msgid "<code> $ gpg --export-secret-keys -a [keyID] > my_private_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p><code> msgid "$ gpg --export -a [keyID] > my_public_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p><code> msgid "$ gpg --import my_private_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "$ gpg --import my_public_key.asc </code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Ensure that the keyID printed is the correct one, and if so, then go ahead " "and add ultimate trust for it:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "<code> $ gpg --edit-key [your@email] </code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Because this is your key, you should choose " "<code>ultimate</code>. You shouldn't trust anyone else's key " "ultimately." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Refer to <a href=\"#step-2b\">Troubleshooting in Step 2.B</a> for more " "information on permissions. When transferring keys, your permissions may get " "mixed, and errors may be prompted. These are easily avoided when your " "folders and files have the right permissions" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#3</em> Set up email encryption" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "The Icedove (or Thunderbird) email program has PGP functionality integrated, " "which makes it pretty easy to work with. We'll take you through the steps of " "integrating and using your key in these email clients." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Email Menu" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Import From File" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Success" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Troubleshoot" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 3.a</em> Set up your email with encryption" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Once you have set up your email with encryption, you can start contributing " "to encrypted traffic on the Internet. First we'll get your email client to " "import your secret key, and we will also learn how to get other people's " "public keys from servers so you can send and receive encrypted email." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Open your email client and use \"Tools\" → <i>OpenPGP Key Manager</i>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Under \"File\" → <i>Import Secret Key(s) From File</i>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Select the file you saved under the name [my_secret_key.asc] in <a " "href=\"#step-2b\">Step 2.B</a> when you exported your key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Unlock with your passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# You will receive a \"OpenPGP keys successfully imported\" window to " "confirm success" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Go to \"Account settings\" → \"End-To-End Encryption,\" and make sure " "your key is imported and select <i>Treat this key as a Personal Key</i>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I'm not sure the import worked correctly" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Look for \"Account settings\" → \"End-To-End Encryption.\" Here you can " "see if your personal key associated with this email is found. If it is not, " "you can try again via the <i>Add key</i> option. Make sure you have the " "correct, active, secret key file." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#4</em> Try it out!" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "Illustration of a person in a house with a cat connected to a server" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Now you'll try a test correspondence with an FSF computer program named " "Edward, who knows how to use encryption. Except where noted, these are the " "same steps you'd follow when corresponding with a real, live person." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.A Send key to Edward." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.a</em> Send Edward your public key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "This is a special step that you won't have to do when corresponding with " "real people. In your email program's menu, go to \"Tools\" → \"OpenPGP " "Key Manager.\" You should see your key in the list that pops up. Right click " "on your key and select <i>Send Public Keys by Email</i>. This will create a " "new draft message, as if you had just hit the \"Write\" button, but in the " "attachment you will find your public keyfile." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Address the message to <a " "href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Put at least one " "word (whatever you want) in the subject and body of the email. Don't send " "yet." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "We want Edward to be able to open the email with your keyfile, so we want " "this first special message to be unencrypted. Make sure encryption is turned " "off by using the dropdown menu \"Security\" and select <i>Do Not " "Encrypt</i>. Once encryption is off, hit Send." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "It may take two or three minutes for Edward to respond. In the meantime, you " "might want to skip ahead and check out the <a href=\"#section6\">Use it " "Well</a> section of this guide. Once you have received a response, head to " "the next step. From here on, you'll be doing just the same thing as when " "corresponding with a real person." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When you open Edward's reply, GnuPG may prompt you for your passphrase " "before using your private key to decrypt it." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.B Option 1. Verify key" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.B Option 2. Import key" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.b</em> Send a test encrypted email" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Get Edward's key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To encrypt an email to Edward, you need its public key, so now you'll have " "to download it from a keyserver. You can do this in two different ways:" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<strong>Option 1.</strong> In the email answer you received from Edward as a " "response to your first email, Edward's public key was included. On the right " "of the email, just above the writing area, you will find an \"OpenPGP\" " "button that has a lock and a little wheel next to it. Click that, and select " "<i>Discover</i> next to the text: \"This message was signed with a key that " "you don't yet have.\" A popup with Edward's key details will follow." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<strong>Option 2.</strong> Open your OpenPGP Key manager, and under " "\"Keyserver\" choose <i>Discover Keys Online</i>. Here, fill in Edward's " "email address, and import Edward's key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "The option <i>Accepted (unverified)</i> will add this key to your key " "manager, and now it can be used to send encrypted emails and to verify " "digital signatures from Edward." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In the popup window confirming if you want to import Edward's key, you'll " "see many different emails that are all associated with its key. This is " "correct; you can safely import the key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Since you encrypted this email with Edward's public key, Edward's private " "key is required to decrypt it. Edward is the only one with its private key, " "so no one except Edward can decrypt it." msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Send Edward an encrypted email" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Write a new email in your email program, addressed to <a " "href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Make the subject " "\"Encryption test\" or something similar and write something in the body." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "This time, make sure encryption is turned on by using the dropdown menu " "\"Security\" and select <i>Require Encryption</i>. Once encryption is on, " "hit Send." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "\"Recipients not valid, not trusted or not found\"" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You could get the above error message, or something along these lines: " "\"Unable to send this message with end-to-end encryption, because there are " "problems with the keys of the following recipients: ...\" In these cases, " "you may be trying to send an encrypted email to someone when you do not have " "their public key yet. Make sure you follow the steps above to import the key " "to your key manager. Open the OpenPGP Key Manager to make sure the recipient " "is listed there." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Unable to send message" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You could get the following message when trying to send your encrypted " "email: \"Unable to send this message with end-to-end encryption, because " "there are problems with the keys of the following recipients: " "edward-en@fsf.org.\" This usually means you imported the key with the \"Not " "accepted (undecided)\" option. Go to the \"key properties\" of this key by " "right clicking on the key in the OpenPGP Key Manager, and select the option " "<i>Yes, but I have not verified that this is the correct key</i> in the " "\"Acceptance\" option at the bottom of this window. Resend the email." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I can't find Edward's key" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Close the pop-ups that have appeared since you clicked Send. Make sure you " "are connected to the Internet and try again. If that doesn't work, you can " "download the key manually from <a " "href=\"https://keys.openpgp.org/search?q=edward-en%40fsf.org\">the " "keyserver</a>, and import it by using the <i>Import Public Key(s) from " "File</i> option in the OpenPGP Key Manager." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Unscrambled messages in the Sent folder" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Even though you can't decrypt messages encrypted to someone else's key, your " "email program will automatically save a copy encrypted to your public key, " "which you'll be able to view from the Sent folder like a normal email. This " "is normal, and it doesn't mean that your email was not sent encrypted." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Encrypt messages from the command line" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can also encrypt and decrypt messages and files from the <a " "href=\"https://www.gnupg.org/gph/en/manual/x110.html\">command line</a>, if " "that's your preference. The option --armor makes the encrypted output appear " "in the regular character set." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Important:</em> Security tips" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Even if you encrypt your email, the subject line is not encrypted, so don't " "put private information there. The sending and receiving addresses aren't " "encrypted either, so a surveillance system can still figure out who you're " "communicating with. Also, surveillance agents will know that you're using " "GnuPG, even if they can't figure out what you're saying. When you send " "attachments, you can choose to encrypt them or not, independent of the " "actual email." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "For greater security against potential attacks, you can turn off " "HTML. Instead, you can render the message body as plain text. In order to do " "this in Icedove or Thunderbird, go to \"View\" → \"Message Body As\" " "→ <i>Plain Text</i>." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.C Edward's response" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.c</em> Receive a response" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When Edward receives your email, it will use its private key to decrypt it, " "then reply to you." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "It may take two or three minutes for Edward to respond. In the meantime, you " "might want to skip ahead and check out the <a href=\"#section6\">Use it " "Well</a> section of this guide." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Edward will send you an encrypted email back saying your email was received " "and decrypted. Your email client will automatically decrypt Edward's " "message." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "The OpenPGP button in the email will show a little green checkmark over the " "lock symbol to show the message is encrypted, and a little orange warning " "sign which means that you have accepted the key, but not verified it. When " "you have not yet accepted the key, you will see a little question mark " "there. Clicking the prompts in this button will lead you to key properties " "as well." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.d</em> Send a signed test email" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "GnuPG includes a way for you to sign messages and files, verifying that they " "came from you and that they weren't tampered with along the way. These " "signatures are stronger than their pen-and-paper cousins -- they're " "impossible to forge, because they're impossible to create without your " "private key (another reason to keep your private key safe)." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You can sign messages to anyone, so it's a great way to make people aware " "that you use GnuPG and that they can communicate with you securely. If they " "don't have GnuPG, they will be able to read your message and see your " "signature. If they do have GnuPG, they'll also be able to verify that your " "signature is authentic." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To sign an email to Edward, compose any message to the email address and " "click the pencil icon next to the lock icon so that it turns gold. If you " "sign a message, GnuPG may ask you for your passphrase before it sends the " "message, because it needs to unlock your private key for signing." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In \"Account Settings\" → \"End-To-End-Encryption\" you can opt to " "<i>add digital signature by default</i>." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.e</em> Receive a response" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When Edward receives your email, he will use your public key (which you sent " "him in <a href=\"#step-3a\">Step 3.A</a>) to verify the message you sent has " "not been tampered with and to encrypt a reply to you." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Edward's reply will arrive encrypted, because he prefers to use encryption " "whenever possible. If everything goes according to plan, it should say " "\"Your signature was verified.\" If your test signed email was also " "encrypted, he will mention that first." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When you receive Edward's email and open it, your email client will " "automatically detect that it is encrypted with your public key, and then it " "will use your private key to decrypt it." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#5</em> Learn about the Web of Trust" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "Illustration of keys all interconnected with a web of lines" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Email encryption is a powerful technology, but it has a weakness: it " "requires a way to verify that a person's public key is actually " "theirs. Otherwise, there would be no way to stop an attacker from making an " "email address with your friend's name, creating keys to go with it, and " "impersonating your friend. That's why the free software programmers that " "developed email encryption created keysigning and the Web of Trust." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "When you sign someone's key, you are publicly saying that you've verified " "that it belongs to them and not someone else." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Signing keys and signing messages use the same type of mathematical " "operation, but they carry very different implications. It's a good practice " "to generally sign your email, but if you casually sign people's keys, you " "may accidentally end up vouching for the identity of an imposter." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "People who use your public key can see who has signed it. Once you've used " "GnuPG for a long time, your key may have hundreds of signatures. You can " "consider a key to be more trustworthy if it has many signatures from people " "that you trust. The Web of Trust is a constellation of GnuPG users, " "connected to each other by chains of trust expressed through signatures." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 5: trusting a key" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 5.a</em> Sign a key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In your email program's menu, go to OpenPGP Key Manager and select <i>Key " "properties</i> by right clicking on Edward's key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Under \"Your Acceptance,\" you can select <i>Yes, I've verified in person " "this key has the correct fingerprint</i>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You've just effectively said \"I trust that Edward's public key actually " "belongs to Edward.\" This doesn't mean much because Edward isn't a real " "person, but it's good practice, and for real people it is important. You can " "read more about signing a person's key in the <a " "href=\"#check-ids-before-signing\">check IDs before signing</a> section." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Identifying keys: Fingerprints and IDs" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "People's public keys are usually identified by their key fingerprint, which " "is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for " "Edward's key). You can see the fingerprint for your public key, and other " "public keys saved on your computer, by going to OpenPGP Key Management in " "your email program's menu, then right clicking on the key and choosing Key " "Properties. It's good practice to share your fingerprint wherever you share " "your email address, so that people can double-check that they have the " "correct public key when they download yours from a keyserver." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You may also see public keys referred to by a shorter keyID. This keyID is " "visible directly from the Key Management window. These eight character " "keyIDs were previously used for identification, which used to be safe, but " "is no longer reliable. You need to check the full fingerprint as part of " "verifying you have the correct key for the person you are trying to " "contact. Spoofing, in which someone intentionally generates a key with a " "fingerprint whose final eight characters are the same as another, is " "unfortunately common." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Important:</em> What to consider when signing keys" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Before signing a person's key, you need to be confident that it actually " "belongs to them, and that they are who they say they are. Ideally, this " "confidence comes from having interactions and conversations with them over " "time, and witnessing interactions between them and others. Whenever signing " "a key, ask to see the full public key fingerprint, and not just the shorter " "keyID. If you feel it's important to sign the key of someone you've just " "met, also ask them to show you their government identification, and make " "sure the name on the ID matches the name on the public key." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Master the Web of Trust" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Unfortunately, trust does not spread between users the way <a " "href=\"https://fennetic.net/irc/finney.org/~hal/web_of_trust.html\">many " "people think</a>. One of the best ways to strengthen the GnuPG community is " "to deeply <a " "href=\"https://www.gnupg.org/gph/en/manual/x334.html\">understand</a> the " "Web of Trust and to carefully sign as many people's keys as circumstances " "permit." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#6</em> Use it well" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Everyone uses GnuPG a little differently, but it's important to follow some " "basic practices to keep your email secure. Not following them, you risk the " "privacy of the people you communicate with, as well as your own, and damage " "the Web of Trust." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 6: Use it Well (1)" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "When should I encrypt? When should I sign?" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "The more you can encrypt your messages, the better. If you only encrypt " "emails occasionally, each encrypted message could raise a red flag for " "surveillance systems. If all or most of your email is encrypted, people " "doing surveillance won't know where to start. That's not to say that only " "encrypting some of your email isn't helpful -- it's a great start and it " "makes bulk surveillance more difficult." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Unless you don't want to reveal your own identity (which requires other " "protective measures), there's no reason not to sign every message, whether " "or not you are encrypting. In addition to allowing those with GnuPG to " "verify that the message came from you, signing is a non-intrusive way to " "remind everyone that you use GnuPG and show support for secure " "communication. If you often send signed messages to people that aren't " "familiar with GnuPG, it's nice to also include a link to this guide in your " "standard email signature (the text kind, not the cryptographic kind)." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 6: Use it Well (2)" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Be wary of invalid keys" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "GnuPG makes email safer, but it's still important to watch out for invalid " "keys, which might have fallen into the wrong hands. Email encrypted with " "invalid keys might be readable by surveillance programs." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In your email program, go back to the first encrypted email that Edward sent " "you. Because Edward encrypted it with your public key, it will have a green " "checkmark on the \"OpenPGP\" button." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<strong>When using GnuPG, make a habit of glancing at that button. The " "program will warn you there if you get an email signed with a key that can't " "be trusted.</strong>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Copy your revocation certificate to somewhere safe" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Remember when you created your keys and saved the revocation certificate " "that GnuPG made? It's time to copy that certificate onto the safest storage " "that you have -- a flash drive, disk, or hard drive stored in a safe place " "in your home could work, not on a device you carry with you regularly. The " "safest way we know is actually to print the revocation certificate and store " "it in a safe place." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If your private key ever gets lost or stolen, you'll need this certificate " "file to let people know that you are no longer using that keypair." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>IMPORTANT:</em> ACT SWIFTLY if someone gets your private key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you lose your private key or someone else gets a hold of it (say, by " "stealing or cracking your computer), it's important to revoke it immediately " "before someone else uses it to read your encrypted email or forge your " "signature. This guide doesn't cover how to revoke a key, but you can follow " "these <a " "href=\"https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/\">instructions</a>. " "After you're done revoking, make a new key and send an email to everyone " "with whom you usually use your key to make sure they know, including a copy " "of your new key." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Webmail and GnuPG" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When you use a web browser to access your email, you're using webmail, an " "email program stored on a distant website. Unlike webmail, your desktop " "email program runs on your own computer. Although webmail can't decrypt " "encrypted email, it will still display it in its encrypted form. If you " "primarily use webmail, you'll know to open your email client when you " "receive a scrambled email." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Make your public key part of your online identity" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "First add your public key fingerprint to your email signature, then compose " "an email to at least five of your friends, telling them you just set up " "GnuPG and mentioning your public key fingerprint. Link to this guide and ask " "them to join you. Don't forget that there's also an awesome <a " "href=\"infographic.html\">infographic to share.</a>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Start writing your public key fingerprint anywhere someone would see your " "email address: your social media profiles, blog, Website, or business " "card. (At the Free Software Foundation, we put ours on our <a " "href=\"https://fsf.org/about/staff\">staff page</a>.) We need to get our " "culture to the point that we feel like something is missing when we see an " "email address without a public key fingerprint." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<a href=\"next_steps.html\">Great job! Check out the next steps.</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Copyright © 2014-2023 <a href=\"https://u.fsf.org/ys\">Free Software " "Foundation</a>, Inc. <a " "href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy " "Policy</a>. Please support our work by <a " "href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "← Read the <a href=\"index.html\">full guide</a>" msgstr "" #. type: Content of: <html><body><header><div><h3><a> msgid "" "<a " "href=\"https://fsf.org/share?u=https://u.fsf.org/zc&t=How%20public-key%20encryption%20works.%20Infographic%20via%20%40fsf\">" msgstr "" #. type: Content of: <html><body><header><div><h3> msgid " Share our infographic </a> with the hashtag #EmailSelfDefense" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><p><img> msgid "View & share our infographic" msgstr "" #. type: Content of: <html><body><header><div><h1> msgid "Great job!" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#7</em> Next steps" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "You've now completed the basics of email encryption with GnuPG, taking " "action against bulk surveillance. These next steps will help make the most " "of the work you've done." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "← <a href=\"index.html\">Return to the guide</a>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Join the movement" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You've just taken a huge step towards protecting your privacy online. But " "each of us acting alone isn't enough. To topple bulk surveillance, we need " "to build a movement for the autonomy and freedom of all computer users. Join " "the Free Software Foundation's community to meet like-minded people and work " "together for change." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<small>Read <a href=\"https://www.fsf.org/twitter\">why GNU Social and " "Mastodon are better than Twitter</a>, and <a " "href=\"https://www.fsf.org/facebook\">why we don't use Facebook</a>.</small>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><p> msgid "Low-volume mailing list" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><form> msgid "" "<input type=\"text\" placeholder=\"Type your email...\" " "name=\"email-Primary\" id=\"frmEmail\" /> <input type=\"submit\" value=\"Add " "me\" name=\"_qf_Edit_next\" /> <input type=\"hidden\" " "value=\"https://emailselfdefense.fsf.org/en/confirmation.html\" " "name=\"postURL\" /> <input type=\"hidden\" value=\"1\" name=\"group[25]\" /> " "<input type=\"hidden\" " "value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=391\" " "name=\"cancelURL\" /> <input type=\"hidden\" value=\"Edit:cancel\" " "name=\"_qf_default\" />" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><p> msgid "" "<small>Read our <a " "href=\"https://my.fsf.org/donate/privacypolicy.html\">privacy " "policy</a>.</small>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Bring Email Self-Defense to new people" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Understanding and setting up email encryption is a daunting task for " "many. To welcome them, make it easy to find your public key and offer to " "help with encryption. Here are some suggestions:" msgstr "" #. type: Content of: <html><body><section><div><div><div><ul><li> msgid "" "# Lead an Email Self-Defense workshop for your friends and community, using " "our <a href=\"workshops.html\">teaching guide</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><ul><li> msgid "" "# Use <a " "href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt%20with%20me%20using%20Email%20Self-Defense%20%40fsf\"> " "our sharing page</a> to compose a message to a few friends and ask them to " "join you in using encrypted email. Remember to include your GnuPG public key " "fingerprint so they can easily download your key." msgstr "" #. type: Content of: <html><body><section><div><div><div><ul><li> msgid "" "# Add your public key fingerprint anywhere that you normally display your " "email address. Some good places are: your email signature (the text kind, " "not the cryptographic kind), social media profiles, blogs, Web sites, or " "business cards. At the Free Software Foundation, we put ours on our <a " "href=\"https://fsf.org/about/staff\">staff page</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Protect more of your digital life" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Learn surveillance-resistant technologies for instant messages, hard drive " "storage, online sharing, and more at <a " "href=\"https://directory.fsf.org/wiki/Collection:Privacy_pack\"> the Free " "Software Directory's Privacy Pack</a> and <a " "href=\"https://prism-break.org\">prism-break.org</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you are using Windows, macOS or any other proprietary operating system, " "we recommend you switch to a free software operating system like " "GNU/Linux. This will make it much harder for attackers to enter your " "computer through hidden back doors. Check out the Free Software Foundation's " "<a href=\"https://www.gnu.org/distros/free-distros.html\">endorsed versions " "of GNU/Linux.</a>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Optional: Add more email protection with Tor" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<a href=\"https://www.torproject.org/about/overview.html.en\">The Onion " "Router (Tor) network</a> wraps Internet communication in multiple layers of " "encryption and bounces it around the world several times. When used " "properly, Tor confuses surveillance field agents and the global surveillance " "apparatus alike. Using it simultaneously with GnuPG's encryption will give " "you the best results." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To have your email program send and receive email over Tor, install the <a " "href=\"https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/\">Torbirdy " "plugin</a> by searching for it through Add-ons." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Before beginning to check your email over Tor, make sure you understand <a " "href=\"https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide\"> " "the security tradeoffs involved</a>. This <a " "href=\"https://www.eff.org/pages/tor-and-https\">infographic</a> from our " "friends at the Electronic Frontier Foundation demonstrates how Tor keeps you " "secure." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 7: Next Steps" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Make Email Self-Defense tools even better" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<a href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Leave " "feedback and suggest improvements to this guide</a>. We welcome " "translations, but we ask that you contact us at <a " "href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a> before you start, so " "that we can connect you with other translators working in your language." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you like programming, you can contribute code to <a " "href=\"https://www.gnupg.org/\">GnuPG</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To go the extra mile, support the Free Software Foundation so we can keep " "improving Email Self-Defense, and make more tools like it." msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"index.html\">Set up guide</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"workshops.html\" class=\"current\">Teach your friends</a>" msgstr "" #. type: Content of: <html><body><header><div><div><div><p> msgid "" "We want to translate this guide into more languages, and make a version for " "encryption on mobile devices. Please donate, and help people around the " "world take the first step towards protecting their privacy with free " "software." msgstr "" #. type: Content of: <html><body><header><div><div><p><a> msgid "" "<a " "href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> msgid "View & share our infographic →" msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "</a> Understanding and setting up email encryption sounds like a daunting " "task to many people. That's why helping your friends with GnuPG plays such " "an important role in helping spread encryption. Even if only one person " "shows up, that's still one more person using encryption who wasn't " "before. You have the power to help your friends keep their digital love " "letters private, and teach them about the importance of free software. If " "you use GnuPG to send and receive encrypted email, you're a perfect " "candidate for leading a workshop!" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "A small workshop among friends" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#1</em> Get your friends or community interested" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "If you hear friends grumbling about their lack of privacy, ask them if " "they're interested in attending a workshop on Email Self-Defense. If your " "friends don't grumble about privacy, they may need some convincing. You " "might even hear the classic \"if you've got nothing to hide, you've got " "nothing to fear\" argument against using encryption." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Here are some talking points you can use to help explain why it's worth it " "to learn GnuPG. Mix and match whichever you think will make sense to your " "community:" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Strength in numbers" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Each person who chooses to resist mass surveillance with encryption makes it " "easier for others to resist as well. People normalizing the use of strong " "encryption has multiple powerful effects: it means those who need privacy " "the most, like potential whistle-blowers and activists, are more likely to " "learn about encryption. More people using encryption for more things also " "makes it harder for surveillance systems to single out those that can't " "afford to be found, and shows solidarity with those people." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "People you respect may already be using encryption" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Many journalists, whistleblowers, activists, and researchers use GnuPG, so " "your friends might unknowingly have heard of a few people who use it " "already. You can search for \"BEGIN PUBLIC KEY BLOCK\" + keyword to help " "make a list of people and organizations who use GnuPG whom your community " "will likely recognize." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Respect your friends' privacy" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "There's no objective way to judge what constitutes privacy-sensitive " "correspondence. As such, it's better not to presume that just because you " "find an email you sent to a friend innocuous, your friend (or a surveillance " "agent, for that matter!) feels the same way. Show your friends respect by " "encrypting your correspondence with them." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Privacy technology is normal in the physical world" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In the physical realm, we take window blinds, envelopes, and closed doors " "for granted as ways of protecting our privacy. Why should the digital realm " "be any different?" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "We shouldn't have to trust our email providers with our privacy" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Some email providers are very trustworthy, but many have incentives not to " "protect your privacy and security. To be empowered digital citizens, we need " "to build our own security from the bottom up." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#2</em> Plan The Workshop" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Once you've got at least one interested friend, pick a date and start " "planning out the workshop. Tell participants to bring their computer and ID " "(for signing each other's keys). If you'd like to make it easy for the " "participants to use <a " "href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\">Diceware</a> " "for choosing passphrases, get a pack of dice beforehand. Make sure the " "location you select has an easily accessible Internet connection, and make " "backup plans in case the connection stops working on the day of the " "workshop. Libraries, coffee shops, and community centers make great " "locations. Try to get all the participants to set up an email client based " "on Thunderbird before the event. Direct them to their email provider's IT " "department or help page if they run into errors." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Estimate that the workshop will take at least forty minutes plus ten minutes " "for each participant. Plan extra time for questions and technical glitches." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "The success of the workshop requires understanding and catering to the " "unique backgrounds and needs of each group of participants. Workshops should " "stay small, so that each participant receives more individualized " "instruction. If more than a handful of people want to participate, keep the " "facilitator to participant ratio high by recruiting more facilitators, or by " "facilitating multiple workshops. Small workshops among friends work great!" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#3</em> Follow the guide as a group" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Work through the Email Self-Defense guide a step at a time as a group. Talk " "about the steps in detail, but make sure not to overload the participants " "with minutia. Pitch the bulk of your instructions to the least tech-savvy " "participants. Make sure all the participants complete each step before the " "group moves on to the next one. Consider facilitating secondary workshops " "afterwards for people that had trouble grasping the concepts, or those that " "grasped them quickly and want to learn more." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "In <a href=\"index.html#section2\">Section 2</a> of the guide, make sure the " "participants upload their keys to the same keyserver so that they can " "immediately download each other's keys later (sometimes there is a delay in " "synchronization between keyservers). During <a " "href=\"index.html#section3\">Section 3</a>, give the participants the option " "to send test messages to each other instead of or as well as " "Edward. Similarly, in <a href=\"index.html#section4\">Section 4</a>, " "encourage the participants to sign each other's keys. At the end, make sure " "to remind people to safely back up their revocation certificates." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#4</em> Explain the pitfalls" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Remind participants that encryption works only when it's explicitly used; " "they won't be able to send an encrypted email to someone who hasn't already " "set up encryption. Also remind participants to double-check the encryption " "icon before hitting send, and that subjects and timestamps are never " "encrypted." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Explain the <a " "href=\"https://www.gnu.org/proprietary/proprietary.html\">dangers of running " "a proprietary system</a> and advocate for free software, because without it, " "we can't <a " "href=\"https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance\">meaningfully " "resist invasions of our digital privacy and autonomy</a>." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#5</em> Share additional resources" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "GnuPG's advanced options are far too complex to teach in a single " "workshop. If participants want to know more, point out the advanced " "subsections in the guide and consider organizing another workshop. You can " "also share <a " "href=\"https://www.gnupg.org/documentation/index.html\">GnuPG's</a> official " "documentation and mailing lists, and the <a " "href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Email " "Self-Defense feedback</a> page. Many GNU/Linux distribution's Web sites also " "contain a page explaining some of GnuPG's advanced features." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#6</em> Follow up" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Make sure everyone has shared email addresses and public key fingerprints " "before they leave. Encourage the participants to continue to gain GnuPG " "experience by emailing each other. Send them each an encrypted email one " "week after the event, reminding them to try adding their public key ID to " "places where they publicly list their email address." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "If you have any suggestions for improving this workshop guide, please let us " "know at <a href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a>." msgstr ""

# SOME DESCRIPTIVE TITLE # Copyright (C) YEAR Free Software Foundation, Inc. # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "POT-Creation-Date: 2023-09-15 17:56+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. type: Attribute 'lang' of: msgid "en" msgstr "" #. type: Attribute 'content' of: msgid "text/html; charset=utf-8" msgstr "" #. type: Content of: msgid "Email Self-Defense - a guide to fighting surveillance with GnuPG encryption" msgstr "" #. type: Attribute 'content' of: <html><head><meta> msgid "" "GnuPG, GPG, openpgp, surveillance, privacy, email, security, GnuPG2, " "encryption" msgstr "" #. type: Attribute 'content' of: <html><head><meta> msgid "" "Email surveillance violates our fundamental rights and makes free speech " "risky. This guide will teach you email self-defense in 40 minutes with " "GnuPG." msgstr "" #. type: Attribute 'content' of: <html><head><meta> msgid "width=device-width, initial-scale=1" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "" "<strong>Please check your email for a confirmation link now. Thanks for " "joining our list!</strong>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "" "If you don't receive the confirmation link, send us an email at info@fsf.org " "to be added manually." msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><p><img> msgid "Try it out." msgstr "" #. type: Content of: <html><body><header><div><p> msgid "Join us on microblogging services for day-to-day updates:" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><a> msgid "<a href=\"https://status.fsf.org/fsf\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[GNU Social]" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><a> msgid " GNU Social</a> | <a href=\"https://hostux.social/@fsf\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[Mastodon]" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" " Mastodon</a> | <a " "href=\"https://www.twitter.com/fsf\">Twitter</a>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "" "<small><a href=\"https://www.fsf.org/twitter\">Read why GNU Social and " "Mastodon are better than Twitter.</a></small>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "← Return to <a href=\"index.html\">Email Self-Defense</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><h4><a> msgid "<a href=\"https://u.fsf.org/ys\">" msgstr "" #. type: Attribute 'alt' of: <html><body><footer><div><div><h4><a><img> msgid "Free Software Foundation" msgstr "" #. type: Content of: <html><body><footer><div><p> msgid "</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Copyright © 2014-2021 <a href=\"https://u.fsf.org/ys\">Free Software " "Foundation</a>, Inc. <a " "href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy " "Policy</a>. Please support our work by <a " "href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "The images on this page are under a <a " "href=\"https://creativecommons.org/licenses/by/4.0/\">Creative Commons " "Attribution 4.0 license (or later version)</a>, and the rest of it is under " "a <a href=\"https://creativecommons.org/licenses/by-sa/4.0\">Creative " "Commons Attribution-ShareAlike 4.0 license (or later version)</a>. Download " "the <a " "href=\"https://agpl.fsf.org/emailselfdefense.fsf.org/edward/CURRENT/edward.tar.gz\"> " "source code of Edward reply bot</a> by Andrew Engelbrecht " "<andrew@engelbrecht.io> and Josh Drake <zamnedix@gnu.org>, " "available under the GNU Affero General Public License. <a " "href=\"https://www.gnu.org/licenses/license-list.html#OtherLicenses\">Why " "these licenses?</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Fonts used in the guide & infographic: <a " "href=\"https://www.google.com/fonts/specimen/Dosis\">Dosis</a> by Pablo " "Impallari, <a " "href=\"https://www.google.com/fonts/specimen/Signika\">Signika</a> by Anna " "Giedryś, <a " "href=\"https://www.google.com/fonts/specimen/Archivo+Narrow\">Archivo " "Narrow</a> by Omnibus-Type, <a " "href=\"https://libreplanet.org/wiki/GPG_guide/Graphics_Howto#Pitfalls\">PXL-2000</a> " "by Florian Cramer." msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Download the <a href=\"emailselfdefense_source.zip\">source package</a> for " "this guide, including fonts, image source files and the text of Edward's " "messages." msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "This site uses the Weblabels standard for labeling <a " "href=\"https://www.fsf.org/campaigns/freejs\">free JavaScript</a>. View the " "JavaScript <a href=\"https://weblabels.fsf.org/emailselfdefense.fsf.org/\" " "rel=\"jslicense\">source code and license information</a>." msgstr "" #. type: Content of: <html><body><footer><div><p><a> msgid "" "Infographic and guide design by <a rel=\"external\" " "href=\"https://jplusplus.org\"><strong>Journalism++</strong>" msgstr "" #. type: Attribute 'alt' of: <html><body><footer><div><p><a><img> msgid "Journalism++" msgstr "" #. type: Content of: <html><body><header><div><h1> msgid "Email Self-Defense" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "" "<strong><a " "href=\"https://libreplanet.org/wiki/GPG_guide/Translation_Guide\"> " "Translate!</a></strong>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"index.html\" class=\"current\">Set up guide</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"workshops.html\">Teach your friends</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "" "<a " "href=\"http://hhldo3tnt5solzj2bwfvh7xm4slk2forpjwjyemhcfrlob5gq75gioid.onion/en\" " "target=\"_blank\">This site's tor onion service</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li><a> msgid "" "<a " "href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Email%20encryption%20for%20everyone%20via%20%40fsf\"> " "Share " msgstr "" #. type: Content of: <html><body><header><div><ul><li><a> msgid " " msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[Reddit]" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><ul><li><a><img> msgid "[Hacker News]" msgstr "" #. type: Content of: <html><body><header><div><div><div><p> msgid "" "We fight for computer users' rights, and promote the development of free (as " "in freedom) software. Resisting bulk surveillance is very important to us." msgstr "" #. type: Content of: <html><body><header><div><div><div><p> msgid "" "<strong>Please donate to support Email Self-Defense. We need to keep " "improving it, and making more materials, for the benefit of people around " "the world taking the first step towards protecting their privacy.</strong>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><a> msgid "" "<a " "href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&mtm_campaign=email_self_defense&mtm_kwd=guide_donate\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> msgid "Donate" msgstr "" #. type: Content of: <html><body><header><div><div><div><h5> msgid "Sign up" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "Enter your email address to receive our monthly newsletter, the" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "" "<a href=\"https://www.fsf.org/free-software-supporter/\">Free Software " "Supporter</a>" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "" "<input id=\"frmEmail\" type=\"text\" name=\"email-Primary\" size=\"18\" " "maxlength=\"80\" />" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><p> msgid "<input type=\"submit\" name=\"_qf_Edit_next\" value=\"Subscribe me\" />" msgstr "" #. type: Content of: <html><body><header><div><div><div><form><div> msgid "" "<input name=\"postURL\" type=\"hidden\" value=\"\" /> <input type=\"hidden\" " "name=\"group[25]\" value=\"1\" /> <input name=\"cancelURL\" type=\"hidden\" " "value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=31\" /> <input " "name=\"_qf_default\" type=\"hidden\" value=\"Edit:cancel\" />" msgstr "" #. type: Content of: <html><body><header><div><div><p><a> msgid "<a id=\"infographic\" href=\"infographic.html\">" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><a><img> msgid "View & share our infographic →" msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "</a> Bulk surveillance violates our fundamental rights and makes free speech " "risky. This guide will teach you a basic surveillance self-defense skill: " "email encryption. Once you've finished, you'll be able to send and receive " "emails that are scrambled to make sure a surveillance agent or thief " "intercepting your email can't read them. All you need is a computer with an " "Internet connection, an email account, and about forty minutes." msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "Even if you have nothing to hide, using encryption helps protect the privacy " "of people you communicate with, and makes life difficult for bulk " "surveillance systems. If you do have something important to hide, you're in " "good company; these are the same tools that whistleblowers use to protect " "their identities while shining light on human rights abuses, corruption, and " "other crimes." msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "In addition to using encryption, standing up to surveillance requires " "fighting politically for a <a " "href=\"https://gnu.org/philosophy/surveillance-vs-democracy.html\">reduction " "in the amount of data collected on us</a>, but the essential first step is " "to protect yourself and make surveillance of your communication as difficult " "as possible. This guide helps you do that. It is designed for beginners, but " "if you already know the basics of GnuPG or are an experienced free software " "user, you'll enjoy the advanced tips and the <a " "href=\"workshops.html\">guide to teaching your friends</a>." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#1</em> Get the pieces" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "This guide relies on software which is <a " "href=\"https://www.gnu.org/philosophy/free-sw.html\">freely licensed</a>; " "it's completely transparent and anyone can copy it or make their own " "version. This makes it safer from surveillance than proprietary software " "(like Windows or macOS). Learn more about free software at <a " "href=\"https://u.fsf.org/ys\">fsf.org</a>." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Most GNU/Linux operating systems come with GnuPG installed on them, so if " "you're running one of these systems, you don't have to download it. If " "you're running macOS or Windows, steps to download GnuPG are below. Before " "configuring your encryption setup with this guide, though, you'll need a " "desktop email program installed on your computer. Many GNU/Linux " "distributions have one installed already, such as Icedove, which may be " "under the alternate name \"Thunderbird.\" Programs like these are another " "way to access the same email accounts you can access in a browser (like " "Gmail), but provide extra features." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 1.A: Install Wizard" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 1.a</em> Set up your email program with your email account" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Open your email program and follow the wizard (step-by-step walkthrough) " "that sets it up with your email account. This usually starts from \"Account " "Settings\" → \"Add Mail Account\". You should get the email server " "settings from your systems administrator or the help section of your email " "account." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "Troubleshooting" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "The wizard doesn't launch" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can launch the wizard yourself, but the menu option for doing so is " "named differently in each email program. The button to launch it will be in " "the program's main menu, under \"New\" or something similar, titled " "something like \"Add account\" or \"New/Existing email account.\"" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "The wizard can't find my account or isn't downloading my mail" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Before searching the Web, we recommend you start by asking other people who " "use your email system, to figure out the correct settings." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I can't find the menu" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "In many new email programs, the main menu is represented by an image of " "three stacked horizontal bars." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Don't see a solution to your problem?" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Please let us know on the <a " "href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">feedback " "page</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 1.b</em> Install GnuPG" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you are using a GNU/Linux machine, you should already have GnuPG " "installed, and you can skip to <a href=\"#section2\">Section 2</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you are using a macOS or Windows machine, however, you need to first " "install the GnuPG program. Select your operating system below and follow the " "instructions. For the rest of this guide, the steps are the same for all " "operating systems." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "macOS" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Use a third-party package manager to install GnuPG" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "The default macOS package manager makes it difficult to install GnuPG and " "other pieces of free software (like Emacs, GIMP, or Inkscape). To make " "things easier, we recommend setting up the third-party package manager " "\"Homebrew\" to install GnuPG. For this, we will use a program called " "\"Terminal,\" which is pre-installed on macOS." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "# Copy the first command on the home page of <a " "href=\"https://brew.sh/\">Homebrew</a> by clicking on the clipboard icon, " "and paste it in Terminal. Click \"Enter\" and wait for the installation to " "finalize." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "# Then install GnuPG by entering the following code in Terminal:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "<code>brew install gnupg gnupg2</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "Windows" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Get GnuPG by downloading GPG4Win" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "<a href=\"https://www.gpg4win.org/\">GPG4Win</a> is an email and file " "encryption software package that includes GnuPG. Download and install the " "latest version, choosing default options whenever asked. After it's " "installed, you can close any windows that it creates." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "GnuPG, OpenPGP, what?" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In general, the terms GnuPG, GPG, GNU Privacy Guard, OpenPGP and PGP are " "used interchangeably. Technically, OpenPGP (Pretty Good Privacy) is the " "encryption standard, and GNU Privacy Guard (often shortened to GPG or GnuPG) " "is the program that implements the standard. Most email programs provide an " "interface for GnuPG. There is also a newer version of GnuPG, called GnuPG2." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#2</em> Make your keys" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "A robot with a head shaped like a key holding a private and a public key" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "To use the GnuPG system, you'll need a public key and a private key (known " "together as a keypair). Each is a long string of randomly generated numbers " "and letters that are unique to you. Your public and private keys are linked " "together by a special mathematical function." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Your public key isn't like a physical key, because it's stored in the open " "in an online directory called a keyserver. People download it and use it, " "along with GnuPG, to encrypt emails they send to you. You can think of the " "keyserver as a phonebook; people who want to send you encrypted email can " "look up your public key." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Your private key is more like a physical key, because you keep it to " "yourself (on your computer). You use GnuPG and your private key together to " "descramble encrypted emails other people send to you. <strong>You should " "never share your private key with anyone, under any circumstances.</strong>" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "In addition to encryption and decryption, you can also use these keys to " "sign messages and check the authenticity of other people's signatures. We'll " "discuss this more in the next section." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 2.A: Make your Keypair" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 2.A: Set your passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 2.a</em> Make a keypair" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Make your keypair" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "We will use the command line in a terminal to create a keypair using the " "GnuPG program." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Whether on GNU/Linux, macOS or Windows, you can launch your terminal " "(\"Terminal\" in macOS, \"PowerShell\" in Windows) from the Applications " "menu (some GNU/Linux systems respond to the <kbd>Ctrl + Alt + T</kbd> " "shortcut)." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Enter <code>gpg --full-generate-key</code> to start the process." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# To answer what kind of key you would like to create, select the default " "option: <samp>1 RSA and RSA</samp>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Enter the following keysize: <code>4096</code> for a strong key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Choose the expiration date; we suggest <code>2y</code> (2 years)." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "Follow the prompts to continue setting up with your personal details." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Depending on your version of GPG, you may need to use <code>--gen-key</code> " "instead of <code>--full-generate-key</code>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You can set further options by running <code>gpg --edit-key " "[your@email]</code> in a terminal window." msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Set your passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "On the screen titled \"Passphrase,\" pick a strong passphrase! You can do it " "manually, or you can use the Diceware method. Doing it manually is faster " "but not as secure. Using Diceware takes longer and requires dice, but " "creates a passphrase that is much harder for attackers to figure out. To use " "it, read the section \"Make a secure passphrase with Diceware\" in <a " "href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\"> " "this article</a> by Micah Lee." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you'd like to pick a passphrase manually, come up with something you can " "remember which is at least twelve characters long, and includes at least one " "lower case and upper case letter and at least one number or punctuation " "symbol. Never pick a passphrase you've used elsewhere. Don't use any " "recognizable patterns, such as birthdays, telephone numbers, pets' names, " "song lyrics, quotes from books, and so on." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "GnuPG is not installed" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can check if this is the case with the command <code>gpg " "--version</code>. If GnuPG is not installed, it will bring up the " "following result on most GNU/Linux operating systems, or something like it: " "<samp>Command 'gpg' not found, but can be installed with: sudo apt install " "gnupg</samp>. Follow that command and install the program." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "<i>gpg --full-generate-key</i> command not working" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Some distributions use a different version of GPG. When you receive an error " "code that is something along the lines of: <samp>gpg: Invalid option " "\"--full-generate-key\"</samp>, you can try the following commands:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "<code>sudo apt update</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "<code>sudo apt install gnupg2</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "<code>gpg2 --full-generate-key</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "If this resolved the issue, you need to continue to use the gpg2 identifier " "instead of gpg throughout the following steps of the guide." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I took too long to create my passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "That's okay. It's important to think about your passphrase. When you're " "ready, just follow the steps from the beginning again to create your key." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "How can I see my key?" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Use the following command to see all keys: <code>gpg " "--list-keys</code>. Yours should be listed in there, and later, so " "will Edward's (<a href=\"#section3\">Section 3</a>)." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "If you want to see only your key, you can use <code>gpg --list-key " "[your@email]</code>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can also use <code>gpg --list-secret-key</code> to see your own private " "key." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "More resources" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "For more information about this process, you can also refer to <a " "href=\"https://www.gnupg.org/gph/en/manual/c14.html#AEN25\">The GNU Privacy " "Handbook</a>. Make sure you stick with \"RSA and RSA\" (the default), " "because it's newer and more secure than the algorithms the documentation " "recommends. Also make sure your key is at least 4096 bits if you want " "to be secure." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><h4> msgid "Advanced" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Advanced key pairs" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "When GnuPG creates a new keypair, it compartmentalizes the encryption " "function from the signing function through <a " "href=\"https://wiki.debian.org/Subkeys\">subkeys</a>. If you use subkeys " "carefully, you can keep your GnuPG identity more secure and recover from a " "compromised key much more quickly. <a " "href=\"https://alexcabal.com/creating-the-perfect-gpg-keypair/\">Alex " "Cabal</a> and <a href=\"https://keyring.debian.org/creating-key.html\">the " "Debian wiki</a> provide good guides for setting up a secure subkey " "configuration." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 2.B: Send to server and generate a certificate" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 2.b</em> Some important steps following creation" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Upload your key to a keyserver" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "We will upload your key to a keyserver, so if someone wants to send you an " "encrypted message, they can download your public key from the " "Internet. There are multiple keyservers that you can select from the menu " "when you upload, but they are mostly all copies of each other. Any server " "will work, but it's good to remember which one you uploaded your key to " "originally. Also keep in mind, sometimes takes a few hours for them to match " "each other when a new key is uploaded." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Copy your keyID: <code>gpg --list-key [your@email]</code> will list your " "public (\"pub\") key information, including your keyID, which is a unique " "list of numbers and letters. Copy this keyID, so you can use it in the " "following command." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Upload your key to a server: <code>gpg --send-key [keyID]</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Export your key to a file" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Use the following command to export your secret key so you can import it " "into your email client at the next <a href=\"#section3\">step</a>. To avoid " "getting your key compromised, store this in a safe place, and make sure that " "if it is transferred, it is done so in a trusted way. Exporting your keys " "can be done with the following commands:" msgstr "" #. type: Content of: <html><body><section><div><div><div><p><code> msgid "<code> $ gpg --export-secret-keys -a [keyID] > my_secret_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "$ gpg --export -a [keyID] > my_public_key.asc </code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Generate a revocation certificate" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Just in case you lose your key, or it gets compromised, you want to generate " "a certificate and choose to save it in a safe place on your computer for now " "(please refer to <a href=\"#step-6c\">Step 6.C</a> for how to best store " "your revocation cerficate safely). This step is essential for your email " "self-defense, as you'll learn more about in <a href=\"#section5\">Section " "5</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Generate a revocation certificate: <code>gpg --gen-revoke --output " "revoke.asc [keyID]</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# It will prompt you to give a reason for revocation, we recommend to use " "<samp>1 = key has been compromised</samp>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# You don't have to fill in a reason, but you can; then press \"Enter\" for " "an empty line, and confirm your selection." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Sending my key to the keyserver is not working" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Instead of using the general command to upload your key to the keyserver, " "you can use a more specific command and add the keyserver to your command " "<code>gpg --keyserver keys.openpgp.org --send-key [keyID]</code>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "My key doesn't seem to be working or I get a \"permission denied.\"" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Like every other file or folder, gpg keys are subject to permissions. If " "these are not set correctly, your system may not be accepting your keys. You " "can follow the next steps to check, and update to the right permissions." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "# Check your permissions: <code>ls -l ~/.gnupg/*</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "# Set permissions to read, write, execute for only yourself, no " "others. These are the recommended permissions for your folder." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "You can use the command: <code>chmod 700 ~/.gnupg</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "# Set permissions to read and write for yourself only, no others. These are " "the recommended permissions for the keys inside your folder." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "You can use the code: <code>chmod 600 ~/.gnupg/*</code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "If you have (for any reason) created your own folders inside ~/.gnupg, you " "must also additionally apply execute permissions to that folder. Folders " "require execution privileges to be opened. For more information on " "permissions, you can check out <a " "href=\"https://helpdeskgeek.com/linux-tips/understanding-linux-permissions-chmod-usage/\">this " "detailed information guide</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "More about keyservers" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can find some more keyserver information <a " "href=\"https://www.gnupg.org/gph/en/manual/x457.html\">in this " "manual</a>. You can also <a " "href=\"https://www.gnupg.org/gph/en/manual/x56.html#AEN64\">directly export " "your key</a> as a file on your computer." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Transferring your keys" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Use the following commands to transfer your keys. To avoid getting your key " "compromised, store it in a safe place, and make sure that if it is " "transferred, it is done so in a trusted way. Importing and exporting a key " "can be done with the following commands:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p><code> msgid "<code> $ gpg --export-secret-keys -a [keyID] > my_private_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p><code> msgid "$ gpg --export -a [keyID] > my_public_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p><code> msgid "$ gpg --import my_private_key.asc" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "$ gpg --import my_public_key.asc </code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Ensure that the keyID printed is the correct one, and if so, then go ahead " "and add ultimate trust for it:" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "<code> $ gpg --edit-key [your@email] </code>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Because this is your key, you should choose " "<code>ultimate</code>. You shouldn't trust anyone else's key " "ultimately." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd><p> msgid "" "Refer to <a href=\"#step-2b\">Troubleshooting in Step 2.B</a> for more " "information on permissions. When transferring keys, your permissions may get " "mixed, and errors may be prompted. These are easily avoided when your " "folders and files have the right permissions" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#3</em> Set up email encryption" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "The Icedove (or Thunderbird) email program has PGP functionality integrated, " "which makes it pretty easy to work with. We'll take you through the steps of " "integrating and using your key in these email clients." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Email Menu" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Import From File" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Success" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 3.A: Troubleshoot" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 3.a</em> Set up your email with encryption" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Once you have set up your email with encryption, you can start contributing " "to encrypted traffic on the Internet. First we'll get your email client to " "import your secret key, and we will also learn how to get other people's " "public keys from servers so you can send and receive encrypted email." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Open your email client and use \"Tools\" → <i>OpenPGP Key Manager</i>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Under \"File\" → <i>Import Secret Key(s) From File</i>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Select the file you saved under the name [my_secret_key.asc] in <a " "href=\"#step-2b\">Step 2.B</a> when you exported your key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "# Unlock with your passphrase" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# You will receive a \"OpenPGP keys successfully imported\" window to " "confirm success" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "# Go to \"Account settings\" → \"End-To-End Encryption,\" and make sure " "your key is imported and select <i>Treat this key as a Personal Key</i>." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I'm not sure the import worked correctly" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Look for \"Account settings\" → \"End-To-End Encryption.\" Here you can " "see if your personal key associated with this email is found. If it is not, " "you can try again via the <i>Add key</i> option. Make sure you have the " "correct, active, secret key file." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#4</em> Try it out!" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "Illustration of a person in a house with a cat connected to a server" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Now you'll try a test correspondence with an FSF computer program named " "Edward, who knows how to use encryption. Except where noted, these are the " "same steps you'd follow when corresponding with a real, live person." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.A Send key to Edward." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.a</em> Send Edward your public key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "This is a special step that you won't have to do when corresponding with " "real people. In your email program's menu, go to \"Tools\" → \"OpenPGP " "Key Manager.\" You should see your key in the list that pops up. Right click " "on your key and select <i>Send Public Keys by Email</i>. This will create a " "new draft message, as if you had just hit the \"Write\" button, but in the " "attachment you will find your public keyfile." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Address the message to <a " "href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Put at least one " "word (whatever you want) in the subject and body of the email. Don't send " "yet." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "We want Edward to be able to open the email with your keyfile, so we want " "this first special message to be unencrypted. Make sure encryption is turned " "off by using the dropdown menu \"Security\" and select <i>Do Not " "Encrypt</i>. Once encryption is off, hit Send." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "It may take two or three minutes for Edward to respond. In the meantime, you " "might want to skip ahead and check out the <a href=\"#section6\">Use it " "Well</a> section of this guide. Once you have received a response, head to " "the next step. From here on, you'll be doing just the same thing as when " "corresponding with a real person." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When you open Edward's reply, GnuPG may prompt you for your passphrase " "before using your private key to decrypt it." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.B Option 1. Verify key" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.B Option 2. Import key" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.b</em> Send a test encrypted email" msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Get Edward's key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To encrypt an email to Edward, you need its public key, so now you'll have " "to download it from a keyserver. You can do this in two different ways:" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<strong>Option 1.</strong> In the email answer you received from Edward as a " "response to your first email, Edward's public key was included. On the right " "of the email, just above the writing area, you will find an \"OpenPGP\" " "button that has a lock and a little wheel next to it. Click that, and select " "<i>Discover</i> next to the text: \"This message was signed with a key that " "you don't yet have.\" A popup with Edward's key details will follow." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<strong>Option 2.</strong> Open your OpenPGP Key manager, and under " "\"Keyserver\" choose <i>Discover Keys Online</i>. Here, fill in Edward's " "email address, and import Edward's key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "The option <i>Accepted (unverified)</i> will add this key to your key " "manager, and now it can be used to send encrypted emails and to verify " "digital signatures from Edward." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In the popup window confirming if you want to import Edward's key, you'll " "see many different emails that are all associated with its key. This is " "correct; you can safely import the key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Since you encrypted this email with Edward's public key, Edward's private " "key is required to decrypt it. Edward is the only one with its private key, " "so no one except Edward can decrypt it." msgstr "" #. type: Content of: <html><body><section><div><div><div><h4> msgid "Send Edward an encrypted email" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Write a new email in your email program, addressed to <a " "href=\"mailto:edward-en@fsf.org\">edward-en@fsf.org</a>. Make the subject " "\"Encryption test\" or something similar and write something in the body." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "This time, make sure encryption is turned on by using the dropdown menu " "\"Security\" and select <i>Require Encryption</i>. Once encryption is on, " "hit Send." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "\"Recipients not valid, not trusted or not found\"" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You could get the above error message, or something along these lines: " "\"Unable to send this message with end-to-end encryption, because there are " "problems with the keys of the following recipients: ...\" In these cases, " "you may be trying to send an encrypted email to someone when you do not have " "their public key yet. Make sure you follow the steps above to import the key " "to your key manager. Open the OpenPGP Key Manager to make sure the recipient " "is listed there." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Unable to send message" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You could get the following message when trying to send your encrypted " "email: \"Unable to send this message with end-to-end encryption, because " "there are problems with the keys of the following recipients: " "edward-en@fsf.org.\" This usually means you imported the key with the \"Not " "accepted (undecided)\" option. Go to the \"key properties\" of this key by " "right clicking on the key in the OpenPGP Key Manager, and select the option " "<i>Yes, but I have not verified that this is the correct key</i> in the " "\"Acceptance\" option at the bottom of this window. Resend the email." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "I can't find Edward's key" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Close the pop-ups that have appeared since you clicked Send. Make sure you " "are connected to the Internet and try again. If that doesn't work, you can " "download the key manually from <a " "href=\"https://keys.openpgp.org/search?q=edward-en%40fsf.org\">the " "keyserver</a>, and import it by using the <i>Import Public Key(s) from " "File</i> option in the OpenPGP Key Manager." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Unscrambled messages in the Sent folder" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Even though you can't decrypt messages encrypted to someone else's key, your " "email program will automatically save a copy encrypted to your public key, " "which you'll be able to view from the Sent folder like a normal email. This " "is normal, and it doesn't mean that your email was not sent encrypted." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Encrypt messages from the command line" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "You can also encrypt and decrypt messages and files from the <a " "href=\"https://www.gnupg.org/gph/en/manual/x110.html\">command line</a>, if " "that's your preference. The option --armor makes the encrypted output appear " "in the regular character set." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Important:</em> Security tips" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Even if you encrypt your email, the subject line is not encrypted, so don't " "put private information there. The sending and receiving addresses aren't " "encrypted either, so a surveillance system can still figure out who you're " "communicating with. Also, surveillance agents will know that you're using " "GnuPG, even if they can't figure out what you're saying. When you send " "attachments, you can choose to encrypt them or not, independent of the " "actual email." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "For greater security against potential attacks, you can turn off " "HTML. Instead, you can render the message body as plain text. In order to do " "this in Icedove or Thunderbird, go to \"View\" → \"Message Body As\" " "→ <i>Plain Text</i>." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Step 4.C Edward's response" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.c</em> Receive a response" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When Edward receives your email, it will use its private key to decrypt it, " "then reply to you." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "It may take two or three minutes for Edward to respond. In the meantime, you " "might want to skip ahead and check out the <a href=\"#section6\">Use it " "Well</a> section of this guide." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Edward will send you an encrypted email back saying your email was received " "and decrypted. Your email client will automatically decrypt Edward's " "message." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "The OpenPGP button in the email will show a little green checkmark over the " "lock symbol to show the message is encrypted, and a little orange warning " "sign which means that you have accepted the key, but not verified it. When " "you have not yet accepted the key, you will see a little question mark " "there. Clicking the prompts in this button will lead you to key properties " "as well." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.d</em> Send a signed test email" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "GnuPG includes a way for you to sign messages and files, verifying that they " "came from you and that they weren't tampered with along the way. These " "signatures are stronger than their pen-and-paper cousins -- they're " "impossible to forge, because they're impossible to create without your " "private key (another reason to keep your private key safe)." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You can sign messages to anyone, so it's a great way to make people aware " "that you use GnuPG and that they can communicate with you securely. If they " "don't have GnuPG, they will be able to read your message and see your " "signature. If they do have GnuPG, they'll also be able to verify that your " "signature is authentic." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To sign an email to Edward, compose any message to the email address and " "click the pencil icon next to the lock icon so that it turns gold. If you " "sign a message, GnuPG may ask you for your passphrase before it sends the " "message, because it needs to unlock your private key for signing." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In \"Account Settings\" → \"End-To-End-Encryption\" you can opt to " "<i>add digital signature by default</i>." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 4.e</em> Receive a response" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When Edward receives your email, he will use your public key (which you sent " "him in <a href=\"#step-3a\">Step 3.A</a>) to verify the message you sent has " "not been tampered with and to encrypt a reply to you." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Edward's reply will arrive encrypted, because he prefers to use encryption " "whenever possible. If everything goes according to plan, it should say " "\"Your signature was verified.\" If your test signed email was also " "encrypted, he will mention that first." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When you receive Edward's email and open it, your email client will " "automatically detect that it is encrypted with your public key, and then it " "will use your private key to decrypt it." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#5</em> Learn about the Web of Trust" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "Illustration of keys all interconnected with a web of lines" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Email encryption is a powerful technology, but it has a weakness: it " "requires a way to verify that a person's public key is actually " "theirs. Otherwise, there would be no way to stop an attacker from making an " "email address with your friend's name, creating keys to go with it, and " "impersonating your friend. That's why the free software programmers that " "developed email encryption created keysigning and the Web of Trust." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "When you sign someone's key, you are publicly saying that you've verified " "that it belongs to them and not someone else." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Signing keys and signing messages use the same type of mathematical " "operation, but they carry very different implications. It's a good practice " "to generally sign your email, but if you casually sign people's keys, you " "may accidentally end up vouching for the identity of an imposter." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "People who use your public key can see who has signed it. Once you've used " "GnuPG for a long time, your key may have hundreds of signatures. You can " "consider a key to be more trustworthy if it has many signatures from people " "that you trust. The Web of Trust is a constellation of GnuPG users, " "connected to each other by chains of trust expressed through signatures." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 5: trusting a key" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Step 5.a</em> Sign a key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In your email program's menu, go to OpenPGP Key Manager and select <i>Key " "properties</i> by right clicking on Edward's key." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Under \"Your Acceptance,\" you can select <i>Yes, I've verified in person " "this key has the correct fingerprint</i>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You've just effectively said \"I trust that Edward's public key actually " "belongs to Edward.\" This doesn't mean much because Edward isn't a real " "person, but it's good practice, and for real people it is important. You can " "read more about signing a person's key in the <a " "href=\"#check-ids-before-signing\">check IDs before signing</a> section." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Identifying keys: Fingerprints and IDs" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "People's public keys are usually identified by their key fingerprint, which " "is a string of digits like F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8 (for " "Edward's key). You can see the fingerprint for your public key, and other " "public keys saved on your computer, by going to OpenPGP Key Management in " "your email program's menu, then right clicking on the key and choosing Key " "Properties. It's good practice to share your fingerprint wherever you share " "your email address, so that people can double-check that they have the " "correct public key when they download yours from a keyserver." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You may also see public keys referred to by a shorter keyID. This keyID is " "visible directly from the Key Management window. These eight character " "keyIDs were previously used for identification, which used to be safe, but " "is no longer reliable. You need to check the full fingerprint as part of " "verifying you have the correct key for the person you are trying to " "contact. Spoofing, in which someone intentionally generates a key with a " "fingerprint whose final eight characters are the same as another, is " "unfortunately common." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>Important:</em> What to consider when signing keys" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Before signing a person's key, you need to be confident that it actually " "belongs to them, and that they are who they say they are. Ideally, this " "confidence comes from having interactions and conversations with them over " "time, and witnessing interactions between them and others. Whenever signing " "a key, ask to see the full public key fingerprint, and not just the shorter " "keyID. If you feel it's important to sign the key of someone you've just " "met, also ask them to show you their government identification, and make " "sure the name on the ID matches the name on the public key." msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dt> msgid "Master the Web of Trust" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><dl><dd> msgid "" "Unfortunately, trust does not spread between users the way <a " "href=\"https://fennetic.net/irc/finney.org/~hal/web_of_trust.html\">many " "people think</a>. One of the best ways to strengthen the GnuPG community is " "to deeply <a " "href=\"https://www.gnupg.org/gph/en/manual/x334.html\">understand</a> the " "Web of Trust and to carefully sign as many people's keys as circumstances " "permit." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#6</em> Use it well" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Everyone uses GnuPG a little differently, but it's important to follow some " "basic practices to keep your email secure. Not following them, you risk the " "privacy of the people you communicate with, as well as your own, and damage " "the Web of Trust." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 6: Use it Well (1)" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "When should I encrypt? When should I sign?" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "The more you can encrypt your messages, the better. If you only encrypt " "emails occasionally, each encrypted message could raise a red flag for " "surveillance systems. If all or most of your email is encrypted, people " "doing surveillance won't know where to start. That's not to say that only " "encrypting some of your email isn't helpful -- it's a great start and it " "makes bulk surveillance more difficult." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Unless you don't want to reveal your own identity (which requires other " "protective measures), there's no reason not to sign every message, whether " "or not you are encrypting. In addition to allowing those with GnuPG to " "verify that the message came from you, signing is a non-intrusive way to " "remind everyone that you use GnuPG and show support for secure " "communication. If you often send signed messages to people that aren't " "familiar with GnuPG, it's nice to also include a link to this guide in your " "standard email signature (the text kind, not the cryptographic kind)." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 6: Use it Well (2)" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Be wary of invalid keys" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "GnuPG makes email safer, but it's still important to watch out for invalid " "keys, which might have fallen into the wrong hands. Email encrypted with " "invalid keys might be readable by surveillance programs." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In your email program, go back to the first encrypted email that Edward sent " "you. Because Edward encrypted it with your public key, it will have a green " "checkmark on the \"OpenPGP\" button." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<strong>When using GnuPG, make a habit of glancing at that button. The " "program will warn you there if you get an email signed with a key that can't " "be trusted.</strong>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Copy your revocation certificate to somewhere safe" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Remember when you created your keys and saved the revocation certificate " "that GnuPG made? It's time to copy that certificate onto the safest storage " "that you have -- a flash drive, disk, or hard drive stored in a safe place " "in your home could work, not on a device you carry with you regularly. The " "safest way we know is actually to print the revocation certificate and store " "it in a safe place." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If your private key ever gets lost or stolen, you'll need this certificate " "file to let people know that you are no longer using that keypair." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "<em>IMPORTANT:</em> ACT SWIFTLY if someone gets your private key" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you lose your private key or someone else gets a hold of it (say, by " "stealing or cracking your computer), it's important to revoke it immediately " "before someone else uses it to read your encrypted email or forge your " "signature. This guide doesn't cover how to revoke a key, but you can follow " "these <a " "href=\"https://www.hackdiary.com/2004/01/18/revoking-a-gpg-key/\">instructions</a>. " "After you're done revoking, make a new key and send an email to everyone " "with whom you usually use your key to make sure they know, including a copy " "of your new key." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Webmail and GnuPG" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "When you use a web browser to access your email, you're using webmail, an " "email program stored on a distant website. Unlike webmail, your desktop " "email program runs on your own computer. Although webmail can't decrypt " "encrypted email, it will still display it in its encrypted form. If you " "primarily use webmail, you'll know to open your email client when you " "receive a scrambled email." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Make your public key part of your online identity" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "First add your public key fingerprint to your email signature, then compose " "an email to at least five of your friends, telling them you just set up " "GnuPG and mentioning your public key fingerprint. Link to this guide and ask " "them to join you. Don't forget that there's also an awesome <a " "href=\"infographic.html\">infographic to share.</a>" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Start writing your public key fingerprint anywhere someone would see your " "email address: your social media profiles, blog, Website, or business " "card. (At the Free Software Foundation, we put ours on our <a " "href=\"https://fsf.org/about/staff\">staff page</a>.) We need to get our " "culture to the point that we feel like something is missing when we see an " "email address without a public key fingerprint." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<a href=\"next_steps.html\">Great job! Check out the next steps.</a>" msgstr "" #. type: Content of: <html><body><footer><div><div><p> msgid "" "Copyright © 2014-2023 <a href=\"https://u.fsf.org/ys\">Free Software " "Foundation</a>, Inc. <a " "href=\"https://my.fsf.org/donate/privacypolicy.html\">Privacy " "Policy</a>. Please support our work by <a " "href=\"https://u.fsf.org/yr\">joining us as an associate member.</a>" msgstr "" #. type: Content of: <html><body><header><div><p> msgid "← Read the <a href=\"index.html\">full guide</a>" msgstr "" #. type: Content of: <html><body><header><div><h3><a> msgid "" "<a " "href=\"https://fsf.org/share?u=https://u.fsf.org/zc&t=How%20public-key%20encryption%20works.%20Infographic%20via%20%40fsf\">" msgstr "" #. type: Content of: <html><body><header><div><h3> msgid " Share our infographic </a> with the hashtag #EmailSelfDefense" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><p><img> msgid "View & share our infographic" msgstr "" #. type: Content of: <html><body><header><div><h1> msgid "Great job!" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#7</em> Next steps" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "You've now completed the basics of email encryption with GnuPG, taking " "action against bulk surveillance. These next steps will help make the most " "of the work you've done." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "← <a href=\"index.html\">Return to the guide</a>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Join the movement" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "You've just taken a huge step towards protecting your privacy online. But " "each of us acting alone isn't enough. To topple bulk surveillance, we need " "to build a movement for the autonomy and freedom of all computer users. Join " "the Free Software Foundation's community to meet like-minded people and work " "together for change." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<small>Read <a href=\"https://www.fsf.org/twitter\">why GNU Social and " "Mastodon are better than Twitter</a>, and <a " "href=\"https://www.fsf.org/facebook\">why we don't use Facebook</a>.</small>" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><p> msgid "Low-volume mailing list" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><form> msgid "" "<input type=\"text\" placeholder=\"Type your email...\" " "name=\"email-Primary\" id=\"frmEmail\" /> <input type=\"submit\" value=\"Add " "me\" name=\"_qf_Edit_next\" /> <input type=\"hidden\" " "value=\"https://emailselfdefense.fsf.org/en/confirmation.html\" " "name=\"postURL\" /> <input type=\"hidden\" value=\"1\" name=\"group[25]\" /> " "<input type=\"hidden\" " "value=\"https://my.fsf.org/civicrm/profile?reset=1&gid=391\" " "name=\"cancelURL\" /> <input type=\"hidden\" value=\"Edit:cancel\" " "name=\"_qf_default\" />" msgstr "" #. type: Content of: <html><body><section><div><div><div><div><p> msgid "" "<small>Read our <a " "href=\"https://my.fsf.org/donate/privacypolicy.html\">privacy " "policy</a>.</small>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Bring Email Self-Defense to new people" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Understanding and setting up email encryption is a daunting task for " "many. To welcome them, make it easy to find your public key and offer to " "help with encryption. Here are some suggestions:" msgstr "" #. type: Content of: <html><body><section><div><div><div><ul><li> msgid "" "# Lead an Email Self-Defense workshop for your friends and community, using " "our <a href=\"workshops.html\">teaching guide</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><ul><li> msgid "" "# Use <a " "href=\"https://fsf.org/share?u=https://u.fsf.org/zb&t=Encrypt%20with%20me%20using%20Email%20Self-Defense%20%40fsf\"> " "our sharing page</a> to compose a message to a few friends and ask them to " "join you in using encrypted email. Remember to include your GnuPG public key " "fingerprint so they can easily download your key." msgstr "" #. type: Content of: <html><body><section><div><div><div><ul><li> msgid "" "# Add your public key fingerprint anywhere that you normally display your " "email address. Some good places are: your email signature (the text kind, " "not the cryptographic kind), social media profiles, blogs, Web sites, or " "business cards. At the Free Software Foundation, we put ours on our <a " "href=\"https://fsf.org/about/staff\">staff page</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Protect more of your digital life" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Learn surveillance-resistant technologies for instant messages, hard drive " "storage, online sharing, and more at <a " "href=\"https://directory.fsf.org/wiki/Collection:Privacy_pack\"> the Free " "Software Directory's Privacy Pack</a> and <a " "href=\"https://prism-break.org\">prism-break.org</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you are using Windows, macOS or any other proprietary operating system, " "we recommend you switch to a free software operating system like " "GNU/Linux. This will make it much harder for attackers to enter your " "computer through hidden back doors. Check out the Free Software Foundation's " "<a href=\"https://www.gnu.org/distros/free-distros.html\">endorsed versions " "of GNU/Linux.</a>" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Optional: Add more email protection with Tor" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<a href=\"https://www.torproject.org/about/overview.html.en\">The Onion " "Router (Tor) network</a> wraps Internet communication in multiple layers of " "encryption and bounces it around the world several times. When used " "properly, Tor confuses surveillance field agents and the global surveillance " "apparatus alike. Using it simultaneously with GnuPG's encryption will give " "you the best results." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To have your email program send and receive email over Tor, install the <a " "href=\"https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/\">Torbirdy " "plugin</a> by searching for it through Add-ons." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Before beginning to check your email over Tor, make sure you understand <a " "href=\"https://www.torproject.org/docs/faq.html.en#WhatProtectionsDoesTorProvide\"> " "the security tradeoffs involved</a>. This <a " "href=\"https://www.eff.org/pages/tor-and-https\">infographic</a> from our " "friends at the Electronic Frontier Foundation demonstrates how Tor keeps you " "secure." msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><div><p><img> msgid "Section 7: Next Steps" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Make Email Self-Defense tools even better" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "<a href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Leave " "feedback and suggest improvements to this guide</a>. We welcome " "translations, but we ask that you contact us at <a " "href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a> before you start, so " "that we can connect you with other translators working in your language." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "If you like programming, you can contribute code to <a " "href=\"https://www.gnupg.org/\">GnuPG</a>." msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "To go the extra mile, support the Free Software Foundation so we can keep " "improving Email Self-Defense, and make more tools like it." msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"index.html\">Set up guide</a>" msgstr "" #. type: Content of: <html><body><header><div><ul><li> msgid "<a href=\"workshops.html\" class=\"current\">Teach your friends</a>" msgstr "" #. type: Content of: <html><body><header><div><div><div><p> msgid "" "We want to translate this guide into more languages, and make a version for " "encryption on mobile devices. Please donate, and help people around the " "world take the first step towards protecting their privacy with free " "software." msgstr "" #. type: Content of: <html><body><header><div><div><p><a> msgid "" "<a " "href=\"https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=14&pk_campaign=email_self_defense&pk_kwd=guide_donate\">" msgstr "" #. type: Attribute 'alt' of: <html><body><header><div><div><p><a><img> msgid "View & share our infographic →" msgstr "" #. type: Content of: <html><body><header><div><div><p> msgid "" "</a> Understanding and setting up email encryption sounds like a daunting " "task to many people. That's why helping your friends with GnuPG plays such " "an important role in helping spread encryption. Even if only one person " "shows up, that's still one more person using encryption who wasn't " "before. You have the power to help your friends keep their digital love " "letters private, and teach them about the importance of free software. If " "you use GnuPG to send and receive encrypted email, you're a perfect " "candidate for leading a workshop!" msgstr "" #. type: Attribute 'alt' of: <html><body><section><div><div><p><img> msgid "A small workshop among friends" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#1</em> Get your friends or community interested" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "If you hear friends grumbling about their lack of privacy, ask them if " "they're interested in attending a workshop on Email Self-Defense. If your " "friends don't grumble about privacy, they may need some convincing. You " "might even hear the classic \"if you've got nothing to hide, you've got " "nothing to fear\" argument against using encryption." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Here are some talking points you can use to help explain why it's worth it " "to learn GnuPG. Mix and match whichever you think will make sense to your " "community:" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Strength in numbers" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Each person who chooses to resist mass surveillance with encryption makes it " "easier for others to resist as well. People normalizing the use of strong " "encryption has multiple powerful effects: it means those who need privacy " "the most, like potential whistle-blowers and activists, are more likely to " "learn about encryption. More people using encryption for more things also " "makes it harder for surveillance systems to single out those that can't " "afford to be found, and shows solidarity with those people." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "People you respect may already be using encryption" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Many journalists, whistleblowers, activists, and researchers use GnuPG, so " "your friends might unknowingly have heard of a few people who use it " "already. You can search for \"BEGIN PUBLIC KEY BLOCK\" + keyword to help " "make a list of people and organizations who use GnuPG whom your community " "will likely recognize." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Respect your friends' privacy" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "There's no objective way to judge what constitutes privacy-sensitive " "correspondence. As such, it's better not to presume that just because you " "find an email you sent to a friend innocuous, your friend (or a surveillance " "agent, for that matter!) feels the same way. Show your friends respect by " "encrypting your correspondence with them." msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "Privacy technology is normal in the physical world" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "In the physical realm, we take window blinds, envelopes, and closed doors " "for granted as ways of protecting our privacy. Why should the digital realm " "be any different?" msgstr "" #. type: Content of: <html><body><section><div><div><div><h3> msgid "We shouldn't have to trust our email providers with our privacy" msgstr "" #. type: Content of: <html><body><section><div><div><div><p> msgid "" "Some email providers are very trustworthy, but many have incentives not to " "protect your privacy and security. To be empowered digital citizens, we need " "to build our own security from the bottom up." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#2</em> Plan The Workshop" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Once you've got at least one interested friend, pick a date and start " "planning out the workshop. Tell participants to bring their computer and ID " "(for signing each other's keys). If you'd like to make it easy for the " "participants to use <a " "href=\"https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/\">Diceware</a> " "for choosing passphrases, get a pack of dice beforehand. Make sure the " "location you select has an easily accessible Internet connection, and make " "backup plans in case the connection stops working on the day of the " "workshop. Libraries, coffee shops, and community centers make great " "locations. Try to get all the participants to set up an email client based " "on Thunderbird before the event. Direct them to their email provider's IT " "department or help page if they run into errors." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Estimate that the workshop will take at least forty minutes plus ten minutes " "for each participant. Plan extra time for questions and technical glitches." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "The success of the workshop requires understanding and catering to the " "unique backgrounds and needs of each group of participants. Workshops should " "stay small, so that each participant receives more individualized " "instruction. If more than a handful of people want to participate, keep the " "facilitator to participant ratio high by recruiting more facilitators, or by " "facilitating multiple workshops. Small workshops among friends work great!" msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#3</em> Follow the guide as a group" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Work through the Email Self-Defense guide a step at a time as a group. Talk " "about the steps in detail, but make sure not to overload the participants " "with minutia. Pitch the bulk of your instructions to the least tech-savvy " "participants. Make sure all the participants complete each step before the " "group moves on to the next one. Consider facilitating secondary workshops " "afterwards for people that had trouble grasping the concepts, or those that " "grasped them quickly and want to learn more." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "In <a href=\"index.html#section2\">Section 2</a> of the guide, make sure the " "participants upload their keys to the same keyserver so that they can " "immediately download each other's keys later (sometimes there is a delay in " "synchronization between keyservers). During <a " "href=\"index.html#section3\">Section 3</a>, give the participants the option " "to send test messages to each other instead of or as well as " "Edward. Similarly, in <a href=\"index.html#section4\">Section 4</a>, " "encourage the participants to sign each other's keys. At the end, make sure " "to remind people to safely back up their revocation certificates." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#4</em> Explain the pitfalls" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Remind participants that encryption works only when it's explicitly used; " "they won't be able to send an encrypted email to someone who hasn't already " "set up encryption. Also remind participants to double-check the encryption " "icon before hitting send, and that subjects and timestamps are never " "encrypted." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Explain the <a " "href=\"https://www.gnu.org/proprietary/proprietary.html\">dangers of running " "a proprietary system</a> and advocate for free software, because without it, " "we can't <a " "href=\"https://www.fsf.org/bulletin/2013/fall/how-can-free-software-protect-us-from-surveillance\">meaningfully " "resist invasions of our digital privacy and autonomy</a>." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#5</em> Share additional resources" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "GnuPG's advanced options are far too complex to teach in a single " "workshop. If participants want to know more, point out the advanced " "subsections in the guide and consider organizing another workshop. You can " "also share <a " "href=\"https://www.gnupg.org/documentation/index.html\">GnuPG's</a> official " "documentation and mailing lists, and the <a " "href=\"https://libreplanet.org/wiki/GPG_guide/Public_Review\">Email " "Self-Defense feedback</a> page. Many GNU/Linux distribution's Web sites also " "contain a page explaining some of GnuPG's advanced features." msgstr "" #. type: Content of: <html><body><section><div><div><h2> msgid "<em>#6</em> Follow up" msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "Make sure everyone has shared email addresses and public key fingerprints " "before they leave. Encourage the participants to continue to gain GnuPG " "experience by emailing each other. Send them each an encrypted email one " "week after the event, reminding them to try adding their public key ID to " "places where they publicly list their email address." msgstr "" #. type: Content of: <html><body><section><div><div><p> msgid "" "If you have any suggestions for improving this workshop guide, please let us " "know at <a href=\"mailto:campaigns@fsf.org\">campaigns@fsf.org</a>." msgstr ""