encrypted email

Subject: encrypted email
From: LT (lee@afabco.com)
Date: Sun Jun 08 2003 - 01:12:59 AKDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: enderak@gci.net: "PCMCIA to SCSI"
Previous message: Matthew Dunaway: "Re: KDE"

Hi Mike.

You are correct, encrypted email for the non-techno (like my mom <g>) is
an incredible hassle. Email encryption (or enveloping) is one of the
more dismal failures of the technos, having little to do with the
technology and a lot to do with the persons and egos and legalities and
FUD and the various technoasses delighting in deliberately obfuscating
the info and magnifying the minutia and....all that.

If you want a wonderful case study of how not to do things in multiple
worst possible ways, it'd be hard to find a better one than email
encryption.

/rant off

I have my mom set up to do it, and have had for years as long as we're
both on windows variants. I did have to set theirs up for them, so the
whole mailing process is transparent for them once they push the 'send'
button.

Pointer one: Use PGP 6.0.x, not anything later. the later stuff had
some proprietary stuph and other legal stuph that NAI put in for a
variety of reasons (further reading is left up to the student <g>). In
addition, AIR, 6.5 was glitchy for me, and I've heard the same about
later versions.

The full line of PGPs used to be available from zedz.net. (just
checked, still is, ftp://ftp.zedz.net/pub/crypto/pgp/pgp60 ) AIR, it
was actually pretty easy to set up with both eudora and outlook.

Pointer two: It'll work with outlook, but I ended up setting mom up
with Eudora. It was just easier for them, and there were a lot of
subtle niceties. I continued to use outlook on mine when I was on an
NT/2000 machines. Once again, AIR, install and setup were pretty
straightforward, no probs that stick in my memory.

Pointer three: Contrary to almost all recommedations, don't put an
expiry on the keys (unless you have a specific reason for wanting them
to expire), 'cause you'll just have to do it all over again after the
expiry date.

On the evolution side, I got tired of swapping drives every time I
needed to decode an email, so I just did this like 3 days ago. Been
meaning to for over a year, but wrasslin' with the often contradictory
info and documentation (old, new, latest, early, outdated, etc) off and
on over that time left me uncertain as to a lot of things (like
attachments). When I finally sat down to do the GPG and evolution link
just the other night, the only hitch was discovering one has to use the
keyid to identify the default encryptor key instead of the email
address.

Which I'm sure there is a Very Good Tech and/or Crypto reason for....

Anyway, seems to be working ok, so far, and with attachments (!).

If the non-techno's machine (mom's) is not within driving distance, I'd
probably set up tightvnc on their machine using one of the email
installers, then after it's installed and connected, just take control
of their machine and do it all for them.

Let me know if you want to play with this; I'm still working on it for
me and my mom with evolution.

Lee

-- LT <lee@afabco.com>

-- Attached file included as plaintext by Listar -- -- File: signature.asc -- Desc: This is a digitally signed message part

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQA+4v4bIsda6h1FBdARAn8TAJ41y40iqJW9eY7V1rQiCLiIvy3LEACgqNKr LtZMWR9cqvteLW3qf2vPcqA= =GFnS -----END PGP SIGNATURE-----

--------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.

Next message: enderak@gci.net: "PCMCIA to SCSI"
Previous message: Matthew Dunaway: "Re: KDE"

This archive was generated by hypermail 2a23 : Sun Jun 08 2003 - 01:13:04 AKDT