If you're capable, encrypt your email! I will soon begin rejecting unencrypted email from repeat correspondents. Here's how:
- Understand the basics of public key encryption. Here's a short summary. A "key pair" is a pair of keys, one public and one private. These two keys are linked. Anything encrypted with the public key can only be decrypted with the private key, and vice versa. They are called public and private only because of how you should treat them. You can give your public key to anyone, but you must guard your private key. To send an encrypted email, you encrypt it with the recipients' public keys, which they must have given to you previously. The recipients can decrypt it with their private keys. To allow somebody to send encrypted email to you, give them your public key. You can encrypt more than just email; any data can be encrypted this way. Data can also be "signed". This is done by computing a fingerprint of the data called a "hash" and encrypting it with your private key. Anyone can decrypt the hash with your public key, and verify that it matches the data they received. Encryption protects against eavesdropping; signing protects against impersonation and data corruption. You can encrypt without signing, or sign without encrypting, but it's best to do both.
- Install the GNU Privacy Guard (GnuPG).
- Install an interface to make it easier to use:
  - If you use Thunderbird (recommended), download and install the Enigmail add-on.
  - If you use webmail (Gmail, Hotmail, Yahoo! Mail, etc.), install Firefox as your web browser and then install the Mailvelope add-on.
  - If you use Outlook, install GpgOL (part of GPG4Win).
  - If you use Outlook Express, install GPGOE.
  - If you use another email client, see this list to determine how to use it with GPG.
- Generate a key pair for yourself. The way to do this depends on the interface you installed. (Using GPG Desktop makes this easy.) Consider uploading your public key to a public key server, so that people can automatically find your public key. (You can do this from GPG Desktop by clicking "Manage Keys", right-clicking your key, and choosing "Send Public Keys to Key Server".)
- Import my public key. It is given below as a downloadable file, and a block of text that you can copy. (You can do this from GPG Desktop by clicking "Manage Keys", right-clicking in the key list, and choosing "Import Keys".)
- Write your email to me, encrypt it using my public key and your public key, and sign it, too. (Encrypting with your own public key is not strictly necessary, but will allow you to read your sent email at a later time. This is often called an "encrypt to self" option.)
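
The key generation, key exchange, and sign-and-encrypt steps above can also be run with the `gpg` command line directly. The script below is an added example, not part of the original page: it assumes GnuPG 2.1 or later is on the PATH, and the identities, addresses and message are constructed and live in throwaway keyrings with empty passphrases.

```shell
#!/bin/sh
# Added example: throwaway keyrings, constructed identities, empty passphrases (demo only).
set -eu

# Run gpg non-interactively against one keyring directory.
g() { home=$1; shift
      gpg --homedir "$home" --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Prints the plaintext the recipient recovers; returns 0 only if the recipient
# and the sender can both decrypt and the signature verifies.
encrypt_to_self_demo() {
    w=$(mktemp -d); you="$w/you"; me="$w/me"; mkdir -m 700 "$you" "$me"
    printf '%s\n' "$1" > "$w/msg.txt"

    # Generate a key pair on each side.
    g "$you" --quick-generate-key 'You <you@example.test>' default default never
    g "$me"  --quick-generate-key 'Me <me@example.test>'   default default never

    # Exchange public keys only; the private keys never leave their keyrings.
    g "$me"  --armor --export me@example.test  | g "$you" --import
    g "$you" --armor --export you@example.test | g "$me"  --import

    # Sign, then encrypt to the recipient AND to yourself ("encrypt to self").
    # --trust-model always skips key validation for this demo; with real keys,
    # compare fingerprints over a separate channel instead.
    g "$you" --trust-model always --armor --sign --encrypt \
        -r me@example.test -r you@example.test -o "$w/msg.asc" "$w/msg.txt"

    # Recipient decrypts; GOODSIG on the status channel means the signature verified.
    g "$me" --status-fd 3 -o "$w/me.out" --decrypt "$w/msg.asc" 3> "$w/status"
    # The sender can still read the sent copy because of the second -r.
    g "$you" -o "$w/you.out" --decrypt "$w/msg.asc"

    rc=0
    cmp -s "$w/msg.txt" "$w/me.out" && cmp -s "$w/msg.txt" "$w/you.out" &&
        grep -q 'GOODSIG' "$w/status" && cat "$w/me.out" || rc=1
    gpgconf --homedir "$you" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$me"  --kill gpg-agent 2>/dev/null || true
    rm -rf "$w"
    return "$rc"
}

encrypt_to_self_demo 'constructed test message' >/dev/null && echo 'round trip OK'
```

Dropping `-r you@example.test` from the encrypt step makes the sender's own decrypt fail, which is exactly what the "encrypt to self" option prevents.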