The steps in the article for Digitally Signing and Encrypting messages do not match my version of thunderbird
I am trying to implement encryption on my copy of Thunderbird using the steps found in your article found at, "https://support.mozilla.org/en-US/kb/digitally-signing-and-encrypting-messages". My version of thunderbird is: 52.5.0. I have installed gpg4win-3.02.exe as well as engimail.
According to your article, I should have a menu option on my main menu in Thunderbird called, "OpenGPG". This does not exist. What I have instead is a menu option, "Enigmail". The "Setup Wizard" under Enigmail is not the same as apparently would be under "OpenGPG", so I have no clue how to proceed at this point.
Some guidance would be welcome.
Thanks, Erik Valdes
Všetky odpovede (3)
That article looks very out of date. I have just installed Enigmail for myself into a new installation of Thunderbird. Yes, it says "Enigmail" where the article says "Open GPG". I was expecting to have to download and install GPG separately, but Enigmail looks after all that for you.
Run the Enigmail setup wizard and follow your nose. My main concern was that because I use Enigmail elsewhere, I wanted to import my existing keys rather than build new ones. But once you have it installed, if the wizard hasn't got you to a point where you have your own keys, that part of the article should show you the method.
Once Enigmail is installed, I think "Key Management" is the door to creating and using new key pairs.
Note that S/MIME is the predominant email encryption tool and one that more of your correspondents are likely to have and use. Support for this is built into Thunderbird and is ready to use without any add-ons. The main stumbling block with it is where to get key pairs; searches will generally take you to sites where you can buy certificates. Comodo still offer free certificates, but by default they install into your browser, so you have to export them to be able to install them into Thunderbird.
Whichever system you use, it's essential that you agree with each correspondent which (if either) system you will both be using. You can't use either of these systems if the other person doesn't or won't use them. And the number of people willing to use end-to-end encryption is still incredibly small.
Thank you for your response.
One of the things I had hoped to get out of the installation instructions for Thunderbird's encryption was a better understanding generally of how encryption works. While it now appears that my install is correct, I still really don't know anything about how to use it. Is there a resource that explains the concepts of key pairs, etc., in such a way that can be understood by the lay person?
Thanks
This a nice introduction.
https://www.techrepublic.com/blog/it-security/email-encryption-using-pgp-and-s-mime/
The Wikipedia article mentioned there goes into rather more depth.
Basically if you want to send me an encrypted message, you need my public key. Your email software encrypts your message using my key. It can only be decrypted by whoever has the matching private key.
S/MIME depends on keys being issued by a central authority trusted by everyone. This usually cost money. The gpg/enigmail system allows you to create your own keys, and the traditional way to earn trust is to attend "signing parties" where you meet other people and sign each others' keys, developing and extending a "web of trust". Thawte used to run a similar system, where you would have meet-ups and show ID's such as passports, driver's licences etc, again building a web of trust. As you collected enough votes from others, your own signature would become more valuable to others.