
July 07, 2005

Digital Signing and Encryption of email on Linux and Mac OS X

Years ago I played with PGP - Pretty Good Privacy, an open source crypto package from Phil Zimmermann. At the time, Phil copped a lot of heat from the NSA and others, concerned with the nefarious applications of crypto. I played around with signing my email and so on, but I upgraded my computer and my attention drifted.

My family do all of our banking online. As a result I am a little paranoid about security. We never do banking unless on one of our own Mac or Linux machines. (Our Macs have just become plural - we added an iMac for my 4 year old son Curtis). What really worries me is phishing. As a result I have my spam filters turned way up, to the point where I sometimes miss non-spam. (Apologies to any open source patch submitters I have been slow to respond to). Occasionally I have to look closely at a phishing email. Looking at the actual URL and viewing the raw source of the email headers always reveals the scam. What worries me is a couple of things:

  1. knowledge of SMTP and HTTP seems to be required to ascertain a scam, and
  2. how do people know my messages are really from me?

I have always thought that digital signing, à la PGP, was a solution waiting for its time. I thought that once authentication and privacy became a big deal, naturally all this stuff would get used. Today I decided to take the trip. From now on, all emails from me will be digitally signed with my own Thawte Certificate.

Having done this I can sign my emails and encrypt them. The thing I have not worked out is how to share my public key. This is the missing piece.

Posted by gluck at July 7, 2005 10:55 AM
