  #4  
October 8th, 2003, 08:15 PM
Dalbot
Registered User
 
Join Date: Oct 2003
Location: Canada
Posts: 6
Quote:
Originally posted by fryke
It seems that Panther's Mail does not have a PGP help file for the German language... (?) At least not in 7B85... Can you copy the _whole_ thing it says about PGP?
Quote:
About encryption and digital signatures

You can use Mail to send secure email messages. They are encrypted and digitally signed by you, using public-key cryptography.

Cryptography is the process of writing in or deciphering secret code. It has become one of the main tools for privacy, trust, access control, electronic payments, and corporate security. Encryption is the encoding of the contents of a message to hide the message contents from outsiders. Decryption is the process of retrieving the original message. A key must be used to encrypt and decrypt the message.

Public-key cryptography was developed because of the limitations of traditional cryptography, in which the sender and receiver had to know and use the same key. If the sender and receiver are in different physical locations, they must trust a phone system or courier, or some other transmission medium, to prevent the disclosure of the secret key. If the key is intercepted, the message can be compromised.

In public-key cryptography, each person gets a pair of keys, a public key and a private key. The public key is published, but the private key is kept secret. The sender and receiver do not share secret information, and no private keys are ever transmitted. Messages are sent using public information, but can only be decrypted with a private key.

If you want to send a secure message to someone, you look up that person's public key in a directory, and use it to encrypt and send the message. Recipients use their private keys to decrypt and read the message.

If you want to digitally sign a message, Mail performs a computation using your private key and the message. The output is called a "digital signature" and is attached to the message. Your recipient can verify the signature using a computation involving the message, the signature, and your public key (which is automatically included as part of the message). Not only does this verify that the message came from you, it also verifies that the message has not been altered since it was sent by you to the recipient.

Encrypting and signing a message in Mail

In Mail, you need the following to create digital signatures:

A signing certificate, including your public key, which identifies you. It's a bit like your name and phone number in a public directory. Other people can communicate with you if they know your public key. Every time you sign a message, your signing certificate is included with the message. The presence of the certificate in the message, with the public key, permits the recipient to verify your digital signature.

A private key, which is created and stored on your computer when you first obtain a certificate. It is protected by your keychain, and should not be disclosed to anyone.

To encrypt an email message, you must have a certificate for each of the message's recipients. The public key in each certificate is used to encrypt the message for that recipient. If you don't have a certificate for even a single recipient, the message cannot be encrypted. The recipient's software uses the recipient's private key, which remains on that person's computer, to decrypt the message.

You can get someone's certificate if that person sends you a digitally signed or encrypted message, since that person's certificate is automatically included in such messages. When you receive one of these messages, Mail automatically stores this person's certificate in the keychain.

Once you have a signing certificate for your mail account stored in your keychain, additional buttons appear in the Compose window, allowing you to digitally sign or encrypt a message.

If you type an email address for which a certificate can be found in the keychain, Mail automatically enables the Encrypt button.

Click Encrypt to encrypt the message for all recipients. You must have a certificate (with the public key) for all recipients. If you don't, you see a dialog that allows you to either cancel the delivery of the message or send the message unencrypted.

Click Sign to digitally sign the message for all recipients of the message.

When you receive a message that has been encrypted, a security header marked "Encrypted" with a lock appears.

When you receive a message that has been signed, a security header marked "Signed" with a checkmark appears.

When you receive an encrypted message from someone, you can index the encrypted message so you can search it just as you would search any unencrypted message, or leave it encrypted for security reasons. Choose Mail > Preferences and click General. Leave the option unchecked to bypass indexing.
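The sign, verify, encrypt and decrypt steps described in the quoted help text, reproduced with the `openssl smime` command line as an added example (not part of the original post and not Mail's own code). The identities alice, bob, carol and mallory, the example.test addresses and the temporary directory standing in for the keychain are all constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo: throwaway self-signed certificates stand in for the
# certificates Mail keeps in the keychain. Names and addresses are made up.
KC=$(mktemp -d)            # plays the role of the keychain
MSG="$KC/msg.txt"
printf 'Meet at noon.\n' > "$MSG"

new_identity() {           # private key + self-signed certificate for $1
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=$1/emailAddress=$1@example.test" \
    -keyout "$KC/$1.key" -out "$KC/$1.crt" 2>/dev/null
}

sign_as() {                # $1 signer, $2 output; signer's certificate is embedded
  openssl smime -sign -in "$MSG" -signer "$KC/$1.crt" \
    -inkey "$KC/$1.key" -out "$2" 2>/dev/null
}

verify_from() {            # $1 expected signer, $2 message; exit status 0 = valid
  # -CAfile pins the one certificate we already trust for this sender.
  openssl smime -verify -in "$2" -CAfile "$KC/$1.crt" -out /dev/null 2>/dev/null
}

encrypt_for() {            # $1 output, remaining args = recipients (all or nothing)
  out=$1; shift; certs=""
  for r in "$@"; do
    [ -f "$KC/$r.crt" ] || { echo "no certificate for $r" >&2; return 1; }
    certs="$certs $KC/$r.crt"
  done
  openssl smime -encrypt -aes256 -in "$MSG" -out "$out" $certs
}

decrypt_as() {             # $1 recipient, $2 message; plaintext on stdout
  openssl smime -decrypt -in "$2" -recip "$KC/$1.crt" \
    -inkey "$KC/$1.key" 2>/dev/null
}

for who in alice bob carol mallory; do new_identity "$who"; done
sign_as alice "$KC/signed.eml"
# Simulate alteration in transit: the body of a clear-signed message is plain text.
sed 's/noon/midnight/' "$KC/signed.eml" > "$KC/tampered.eml"
encrypt_for "$KC/enc.eml" bob carol
```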