so i’ve played with PGP in the past, and was completely overwhelmed and confused. for me, the tools were arcane, the documentation assumed much knowledge that i didn’t have, and wasn’t very helpful for the novice.

that was probably ten years ago. PGP (Pretty Good Privacy) has gone away, and in its place is GPG (GNU Privacy Guard). there are distros of GPG for pretty much every major platform, and there’s even a firefox extension to help integrate gpg into gmail, making things That Much Easier. i’ve used it a bit (though i only have three friends who use gpg at the moment), and the process isn’t as hard as i once thought, especially with the tools in the state they are today. if you’re curious, you might find it a little easier than you thought. it basically works like this:

1. install GPG for your OS.
2. with your newly installed software, use the key manager to create a key pair for a specific email address. this includes a private key that you never share with anyone, and a public key that you do share with everyone that you want to exchange mail with.
3. get your friends’ public keys. if you want to exchange mail with people, they need to be using gpg as well. that’s the drawback. import these keys with your key manager.
4. you’re now ready to encrypt things to other people! when you encode something, make sure you encode it using the public key of the person you want to send it to. that’s the mistake i made early on, and wound up encrypting a bunch of stuff with my public key that only i could unencrypt. nurrr.

fireGPG works will for firefox, and integrates some handy buttons into gmail so that you can sign, verify, encrypt, decrypt, and send — all without having to leave your browser. when i installed GPG4Win on my XPSP2 box, it dropped right in and worked like a charm. however, i also installed it on my suse 9.3 box at work. in that case, it complained of not being able to find the gpg binary, even though i pointed the extension right at it. on the fireGPG forums, this seems to be a known issue for some people (on both windows and linux) with no solid solution yet, so it may or may not bite you. the developer is working on it, so there’s still hope.

another thing i found myself wanting to do is have my private key on two different machines (home, work) so that i could send encrypted mail from both places. i found a really awesome command-line gpg cheatsheet that helps a lot when doing more of the fiddly bits, and i recommend reading it. tip for you windows users: after installing GPG4Win, running cmd.exe to get a terminal will let you do these command-line items.

so that’s been my past couple days, aside from a lot of super mario galaxy with sara. oh, and tiger woods pga tour 2008. which, while a nice game, has one of the worst interfaces in the known universe. cheers, and if i hear from you, i hope to hear from you via gpg!

i’m finally stepping into this world.  my email address is: the username that this entry was posted by, at gmail.


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.0 (GNU/Linux)

mQGiBEd+akMRBAColGLnPn87eXlGp/GUeeJGt9za+UwAlGLarI594CrTbeJgLTtd
qJySdX+zXuPrTz5fPTYg03z5oNq4MrGltkC3fy0NIRVzpghn+0j5oXY07GCPHIA7
/NXbUsIKQls0eGIGSgreEpAoYq8qjmQ4QztmB1/oywAsj9Tv4DSfrOfyBwCgppwK
0b4sVBYm74DzgA1Lds9HMisD+wTiDmOG35V6SdvnDdyAaZHu9ybZAKnFROUgiDUm
IJ0GqrKDkGRQDnabeaVRYQjFe8EEi2BEFth+QBRT9vkX4RaeS1ruhI9eGxg6QqJt
xva479UAIea6+aXmuoy8MXRs+GcRvbVAWqP4XBBixqYmVYBQF/DzsF9gaDL29fYJ
5rtgA/9OjbvBqdVldgTRuFryIQpHkbTuiooHoxRJjtGFUHskM5RHdh8ZbP8TV/+5
cclFEkhtRBFeuIWzNlCNAKtOiE7UxgiUcQ+sIFMLLuwOna7pCag5Gs3i/3VUklBE
7IL5z1tfSSBNc28rXZRXpv8KIDFuo7VyjSdk/2G+3d5gFtHILLQgdG9ueSBldGll
bm5lIDx0ZXR1amluQGdtYWlsLmNvbT6IWwQTEQIAGwUCR35qQwYLCQgHAwIDFQID
AxYCAQIeAQIXgAAKCRDbXCvK2vDwmxqUAJ96rEAEwoaKkX7Tua6+O9xFxIGhBQCb
BAgLjzs+V+riAArJpmf9O/Qqqae5AQ0ER35qRRAEAIEXK1GYfrwM3KxXbG0KqGui
oi2yDRUFXdTNFl0nwP1vWaJQW8MW3Y7d503y4ApQD0mZEAbAAVuLSbYmd/Ckn/Am
eaYXmGryAXUygJuqstFAcihZ/rbnQbqsakklI2x64uyrpUylhK8re1eEUGBv1fZY
Nc6Lmspy/U9gujSNf6mvAAQLA/4qEGg0c5dCIM8zAJ6xiTNJ9aks7waPNtgJAz4N
89yjCBr4+JmJFgMhopF2bSd0Ty9IAf0KHSZuzbB1eNKGRuy3VGGrJav1D7Ylqkme
6vQ9TfVpYg3Cv5Sjc5M6HlGCsJY7nCtN0C0qY8Kd33P61O+UHMs6K2KXFA4783XJ
x35T74hGBBgRAgAGBQJHfmpFAAoJENtcK8ra8PCbncoAn2Wpixj7Tp1fM7GIxyh4
SwdHyStQAJ45SCdp5ioqh2Gns6hJIhXz0L5jlQ==
=UGZ1
-----END PGP PUBLIC KEY BLOCK-----