ShortCut[GPG]: Mysterious crypto mails
When I write mails to people for the first time they usually answer them immediately with something like
What is that crazy crypto stuff surrounding your mails? Wondering why I can't read it!?
There are lots of legends out there belonging to this clutter, most of them are only fairy tales, here is the one and only true explanation!
As a friend of security I always try to encrypt my mails via GPG. That is only possible if the recipient is also using GPG and I have his/her public key. If this is not the case, I just sign my mail to give the addressee the chance to verify that the mail is from me and nobody else on its way has modified the content of the mail. So the clutter is the electronic signature of the mail! It’s a simple ASCII code, however not readable for human eyes but readable for some intelligent tools.
There are two kinds of signatures:
- inline signature: it surrounds the message with cryptographic armor. That has the disadvantage that you can't sign attachments or HTML mails and the text is more or less hidden between PGP-goodies.
- attached signatures: the crypto stuff is attached as signature.asc. With the disadvantage that mailservers may be alarmed from this attachment and drop the mail.
Since I usually write ASCII mails without attachments I sign them inline. Such a signed mail that reaches your inbox may look like:
Depending on the used mail-client I usually also attach my public key, so if you’re using a mail-client that is able to handle GPG signed/encrypted mails it should parse the crypto stuff and verify whether the signature is correct or not. In this case the mail will be collapsed so that you’ll see something like this (with an indication whether the signature was valid or not):
But if you’re using a client that doesn’t ever heard about GPG it won’t recognize the cryptographic parts and you’ll only see lot’s of clutter. In this case I recommend to change the mail-client! ;-)
To learn more about GPG take a look at gnupg.org.
- explained (42) ,
- gnu (22) ,
- mail (11) ,
- network (81) ,
- security (31) ,
- shortcut (10) ,
- thunderbird (6) ,
- icedove (6) ,
- ugly (26)
Leave a comment
There are multiple options to leave a comment:
- send me an email
- submit a comment through the feedback page (anonymously via TOR)
- Fork this repo at GitHub, add your comment to the _data/comments directory and send me a pull request
- Fill the following form and Staticman will automagically create a pull request for you: