image
image

Go Back   macosx.com > Mac Help Forums > Mac OS X System & Mac Software

Reply
 
Thread Tools
  #1  
Old October 8th, 2003, 03:54 PM
Registered User
 
Join Date: Oct 2003
Location: Canada
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Dalbot is on a distinguished road
How do you enable PGP encryption in Panther Mail?

I just can't get it to work even though I followed Mail Help's instructions:

Quote:
A private key, which is created and stored on your computer when you first obtain a certificate. It is protected by your keychain, and should not be disclosed to anyone.

To encrypt an email message, you must have a certificate for each of the message's recipients. The public key in each certificate is used to encrypt the message for that recipient. If you don't have a certificate for even a single recipient, the message cannot be encrypted. The recipient's software uses the recipient's private key, which remains on that person's computer, to decrypt the message.

You can get someone's certificate if that person sends you a digitally signed or encrypted message, since that person's certificate is automatically included in such messages. When you receive one of these messages, Mail automatically stores this person's certificate in the keychain.

Once you have a signing certificate for your mail account stored in your keychain, additional buttons appear in the Compose window, allowing you to digitally sign or encrypt a message
I sent myself a digitally signed and encrypted email message using PGP Mail in Jaguar. I booted into Panther and checked my email with Mail. It received the message but did not recognize my digital signature or add it to my keychain. It doesn't work as Apple claims it does in Mail's Help. Pretty stupid to add this feature and the conceal how to make it work. Why not just add Mail encryption by default (turn it on via Mail prefs)?
Reply With Quote
  #2  
Old October 8th, 2003, 06:10 PM
Captain Code's Avatar
Moderator
 
Join Date: Aug 2001
Location: Ontario, Canada
Posts: 3,107
Thanks: 0
Thanked 0 Times in 0 Posts
Captain Code will become famous soon enough
Just a guess, but maybe you can't encrypt an email to yourself..
__________________
MacBook Pro 2.16GHz Core2Duo 3GB RAM, G4 1.4GHz OSX Tiger 1.25GB RAM, Dual 2GHz G5 OSX Tiger 2GB RAM (freakin shweet)
Athlon 64 Windoze XP for school work (programming) 1GB RAM
dferns@macosx.com
Reply With Quote
  #3  
Old October 8th, 2003, 06:26 PM
fryke's Avatar
Super Moderator
 
Join Date: Sep 2000
Location: macosx.com
Posts: 13,156
Thanks: 2
Thanked 12 Times in 12 Posts
fryke has a spectacular aura aboutfryke has a spectacular aura about
It seems that Panther's Mail does not have a PGP help file for the German language... (?) At least not in 7B85... Can you copy the _whole_ thing it says about PGP?

(I've never used PGP in my whole life but would like to start now with Panther's Mail.app... It would be useful to me to know where to start and how...)
__________________
MacBook Air 13" 1.6 GHz, 2 GB RAM, 80 GB HD. Mac OS X 10.5.5
MacBook 13" 1.83 GHz, 2 GB RAM, 160 GB HD. Mac OS X 10.5.5
Hackintosh Core2Duo 2.4 GHz, 2 GB RAM, 160 GB HD. Mac OS X 10.5.5
iPhone 3G 16 GB (v2.1), AppleTV 1G 40 GB (v2.1)

Mac user since 1987, Apple Product Professional 2007, 2008.
Reply With Quote
  #4  
Old October 8th, 2003, 08:15 PM
Registered User
 
Join Date: Oct 2003
Location: Canada
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Dalbot is on a distinguished road
Quote:
Originally posted by fryke
It seems that Panther's Mail does not have a PGP help file for the German language... (?) At least not in 7B85... Can you copy the _whole_ thing it says about PGP?
Quote:
About encryption and digital signatures

You can use Mail to send secure email messages. They are encrypted and digitally signed by you, using public-key cryptography.

Cryptography is the process of writing in or deciphering secret code. It has become one of the main tools for privacy, trust, access control, electronic payments, and corporate security. Encryption is the encoding of the contents of a message to hide the message contents from outsiders. Decryption is the process of retrieving the original message. A key must be used to encrypt and decrypt the message.

Public-key cryptography was developed because of the limitations of traditional cryptography, in which the sender and receiver had to know and use the same key. If the sender and receiver are in different physical locations, they must trust a phone system or courier, or some other transmission medium, to prevent the disclosure of the secret key. If the key is intercepted, the message can be compromised.

In public-key cryptography, each person gets a pair of keys, a public key and a private key. The public key is published, but the private key is kept secret. The sender and receiver do not share secret information, and no private keys are ever transmitted. Messages are sent using public information, but can only be decrypted with a private key.

If you want to send a secure message to someone, you look up that person's public key in a directory, and use it to encrypt and send the message. Recipients use their private keys to decrypt and read the message.

If you want to digitally sign a message, Mail performs a computation using your private key and the message. The output is called a "digital signature" and is attached to the message. Your recipient can verify the signature using a computation involving the message, the signature, and your public key (which is automatically included as part of the message). Not only does this verify that the message came from you, it also verifies that the message has not been altered since it was sent by you to the recipient.

Encrypting and signing a message in Mail

In Mail, you need the following to create digital signatures:

A signing certificate, including your public key, which identifies you. It's a bit like your name and phone number in a public directory. Other people can communicate with you if they know your public key. Every time you sign a message, your signing certificate is included with the message. The presence of the certificate in the message, with the public key, permits the recipient to verify your digital signature.

A private key, which is created and stored on your computer when you first obtain a certificate. It is protected by your keychain, and should not be disclosed to anyone.

To encrypt an email message, you must have a certificate for each of the message's recipients. The public key in each certificate is used to encrypt the message for that recipient. If you don't have a certificate for even a single recipient, the message cannot be encrypted. The recipient's software uses the recipient's private key, which remains on that person's computer, to decrypt the message.

You can get someone's certificate if that person sends you a digitally signed or encrypted message, since that person's certificate is automatically included in such messages. When you receive one of these messages, Mail automatically stores this person's certificate in the keychain.

Once you have a signing certificate for your mail account stored in your keychain, additional buttons appear in the Compose window, allowing you to digitally sign or encrypt a message.

If you type an email address for which a certificate can be found in the keychain, Mail automatically enables the Encrypt button.

Click Encrypt to encrypt the message for all recipients. You must have a certificate (with the public key) for all recipients. If you don't, you see a dialog that allows you to either cancel the delivery of the message or send the message unencrypted.

Click Sign to digitally sign the message for all recipients of the message.
When you receive a message that has been encrypted, a security header marked "Encrypted" with a lock appears.
When you receive a message that has been signed, a security header appears marked "Signed" with a checkmark appears.

When you receive an encrypted message from someone, you can index the encrypted message so you can search it just as you would search any unencrypted message, or leave it encrypted for security reasons. Choose Mail > Preferences and click General. Leave the option unchecked to bypass indexing.
Reply With Quote
  #5  
Old October 8th, 2003, 10:20 PM
Registered User
 
Join Date: Oct 2003
Location: Canada
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Dalbot is on a distinguished road
I think I figured it out, but it's been a pain in the ass.

Apparently, Panther Mail only supports the S/MIME security standard. So PGP keys don't work. You need to obtain a S/MIME certificate from a Certificate Authority. Almost all of them charge for a S/MIME certificate. You can obtain a free, limited S/MIME certificate from http://www.thawte.com/. Mine is currently pending so I haven't had a chance to test it out.

Read more about S/MIME here:

http://www.sanbeiji.com/blog/article.php?articleNum=91
Reply With Quote
  #6  
Old October 9th, 2003, 04:57 AM
Giaguara's Avatar
Chmod 760
 
Join Date: Nov 2002
Location: ~
Posts: 7,545
Thanks: 0
Thanked 8 Times in 8 Posts
Giaguara has a spectacular aura aboutGiaguara has a spectacular aura about
That sucks.
__________________
MacBook Pro + Mac mini | Newton 2000 | @Work : Dell D620 & 2x20" + a lot of Macs | Workstation, VC & Fusion
Twenty years from now you will be more disappointed by the things that you didn't do than by the ones you did do.
~ Samuel Clemens | Rants | Photos
Reply With Quote
  #7  
Old October 9th, 2003, 05:18 AM
fryke's Avatar
Super Moderator
 
Join Date: Sep 2000
Location: macosx.com
Posts: 13,156
Thanks: 2
Thanked 12 Times in 12 Posts
fryke has a spectacular aura aboutfryke has a spectacular aura about
There's still MacGPG (the GNU version of PGP, I think, in some way). It has a Mail.app plugin afaik. But as I've said: I've never used it... :/

Here's a call: Apple should make security REALLY easy to grasp, i.e.: On first opening Mail.app, it should ask you whether you want to use GPG (or their S/MIME, whatever) and then create everything for you (asking for passphrases and random input etc., of course for security reasons). After that you'd be set up and can publish your public key. But hey, what do I know...
__________________
MacBook Air 13" 1.6 GHz, 2 GB RAM, 80 GB HD. Mac OS X 10.5.5
MacBook 13" 1.83 GHz, 2 GB RAM, 160 GB HD. Mac OS X 10.5.5
Hackintosh Core2Duo 2.4 GHz, 2 GB RAM, 160 GB HD. Mac OS X 10.5.5
iPhone 3G 16 GB (v2.1), AppleTV 1G 40 GB (v2.1)

Mac user since 1987, Apple Product Professional 2007, 2008.
Reply With Quote
  #8  
Old October 9th, 2003, 05:59 AM
Giaguara's Avatar
Chmod 760
 
Join Date: Nov 2002
Location: ~
Posts: 7,545
Thanks: 0
Thanked 8 Times in 8 Posts
Giaguara has a spectacular aura aboutGiaguara has a spectacular aura about
Ive used the macgpg on 10.1 and 10.2 but havent really tried anything on 10.3.
__________________
MacBook Pro + Mac mini | Newton 2000 | @Work : Dell D620 & 2x20" + a lot of Macs | Workstation, VC & Fusion
Twenty years from now you will be more disappointed by the things that you didn't do than by the ones you did do.
~ Samuel Clemens | Rants | Photos
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off
Forum Jump


All times are GMT -5. The time now is 12:37 AM.


Mac Support® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.1.0
Copyright 2000-2008 DigitalCrowd, Inc.