Programmer's Mindset

Using OpenGPG to Encrypt/Sign Email

I used this over a decade ago, when I worked for doing consulting in a doctor’s office.  We tried to get them to understand encrypting their emails.

After I left TradeWeb, I let go of using GPG (GNU Privacy Guard) out of laziness and the lack of adoption.  While attending #tek12 this year, my interest was again piqued by a presentation on security.

GPG or PGP (Pretty Good Privacy) are easy tools that help you sign/encrypt email.  If each one of us could convert a few people to using the tools, eventually it would spread to everyone.

Signing Emails

Signing emails is a way to let people confirm you are the author of a message.  It does not encrypt the email at all.  Since most people assume that when they receive an email addressed from you is from you, they don’t take the time to check the signature.  However, if they took the time to install the tools to check the signature, they would also have the tools that would allow me to encrypt my email to them.

Encrypting Email

For me to encrypt an email to you, I need you to already have a public key.  The email would automatically decrypt on your end, so it’s not like it takes any extra work.

Do us all a favor, help spread the word…

Leave a Reply

Your email address will not be published. Required fields are marked *