[kdepim-users] About Crypto

Tue Jan 6 23:06:14 GMT 2009

On Tuesday 06 January 2009, Werner Joss wrote:
> Am Dienstag 06 Januar 2009 18:07:44 schrieb Kishore:
> > I would like to sign mail and perhaps even encrypt some of my
> > office mail and so would like to learn a little. Of course, i am
> > interested in this from a user point of view. I would really
> > appreciate anyone educating me on this... maybe just point me to
> > relevant web links!

You might want to start with the "Introduction to Cryptography" by Phil 
Zimmermann (the father of PGP):
http://www.pgpi.org/doc/guide/6.5/en/intro/

Then you might want to join the gnupg-users at gnupg.org mailing list.

> well, there is at least
> http://kontact.kde.org/kmail/kmail-pgpmime-howto.php
> which still describes kontact from kde 3.3 but many explanations
> there are still valid, software requirements are not, of course, for
> newer kmail/kde versions.
>
> > Clearly, kmail has support for these. so let me ask.
> >
> > 1) Can I use the same key that I generated for ssh access to my
> > company git hosting server? I would prefer to keep one key for all
> > official work.
>
> not that I would know of - ssh uses different keys than gnupg (anyone
> correct me if I'm wrong)

This is correct. Since ssh and OpenPGP both support RSA, in theory, it 
is possible to create an OpenPGP key from the ssh key. But in practice 
the effort is not worth it.

> > 2) Do I need to back up this key and keep it real safe? As far as
> > my ssh access is concerned it is not fatal if I loose the key as
> > all i need to do is inform colleagues and then regain access to the
> > server with help from a coleague who can reset my ssh key on the
> > server with a new one. I guess I will need to backup especially for
> > encrypted mail! :)
>
> I would recommend keeping a backup of your whole ~/.gnupg directory,
> once configured correctly - not sure if you would be able to restore
> your private keys in case you loose that.

If the private key is gone it's gone, so better keep a backup.

> > 3) What do the recipients of my mail need to do? I can help with
> > colleagues but probably not so with external people if it requires
> > them to perform something complex before they can read my mail.
> > What would they need to do?
>
> in short: anyone you want to send an encrypted mail to, will first
> have to send you his public (gnupg) key (or you grab it from a public
> keyserver). you can then use this to encrypt the message - the
> recipient can then decrypt it using his private key.
> same applies the other way round :)
>
> > 4) How do commonly used clients like outlook and even web clients
> > like gmail deal with it?
>
> there are IMO free pgp plugins available for outlook, as for gmail, I
> have no idea. 

See
http://www.gnupg.org/related_software/frontends.en.html
for a long list of OpenPGP related tools.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20090107/1a039e5c/attachment.sig>
-------------- next part --------------
_______________________________________________
KDE PIM users mailing list
kdepim-users at kde.org
https://mail.kde.org/mailman/listinfo/kdepim-users