Friday, January 10, 2020

Managing Public Keys in Encryptomatic OpenPGP for Outlook

Before any OpenPGP software can encrypt an email message, it needs access to the recipient's public key.

A public key allows anyone to encrypt a message to the recipient, but only the recipient can decrypt the message. A public key can be shared in a number of different ways.

Sometimes the public key is attached as a file to an email message. 
Other times, the key may be uploaded to a public server that you can search.
If Encryptomatic OpenPGP can't find the recipient's public key in its local key store, it will ask your permission to search public key servers. 

Public key servers have worked fairly well for decades, but lately there have been problems with people spamming or "poisoning" the key server network to make it hard to discern the correct public key for certain people.

Because anyone can upload a public key for any email address, and because some keys never expire (unexpired keys persist forever in the SKS key servers), this has started to become a problem. Nevertheless, searching key servers is a good way to discover keys for many people, even while some high-profile people are struggling with this spam.
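The following is an added example, not part of the original post and not Encryptomatic's code: it sorts the candidate keys a key server returns for one address into expired, revoked and still-usable keys, and checks them against a fingerprint the recipient confirmed by another channel. It assumes the server answers in the HKP machine-readable index format (`op=index&options=mr`) and returns full fingerprints; the sample response, the address and the function names are constructed for illustration.

```python
from urllib.parse import unquote

# Constructed sample of an HKP machine-readable index response
# (op=index&options=mr). Fingerprints, dates and addresses are made up.
SAMPLE_INDEX = """info:1:4
pub:1111111111111111111111111111111111111111:1:4096:1546300800:1609459200:
uid:Alice Example <alice@example.org>:1546300800::
pub:2222222222222222222222222222222222222222:1:2048:1262304000::
uid:Alice Example <alice@example.org>:1262304000::
pub:3333333333333333333333333333333333333333:1:4096:1483228800:1514764800:e
uid:Alice Example %3Calice@example.org%3E:1483228800::
pub:4444444444444444444444444444444444444444:1:4096:1546300800:1609459200:r
uid:Alice Example <alice@example.org>:1546300800::
"""

def parse_index(text):
    """Return one dict per 'pub' record with its 'uid' records attached."""
    keys = []
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub" and len(f) >= 7:
            # Fields: pub:<keyid>:<algo>:<keylen>:<created>:<expires>:<flags>
            keys.append({"id": f[1].upper(), "flags": f[6], "uids": [],
                         "expires": int(f[5]) if f[5] else None})
        elif f[0] == "uid" and len(f) >= 2 and keys:
            keys[-1]["uids"].append(unquote(f[1]))  # UIDs are percent-escaped
    return keys

def classify(key, email, now, verified_fpr=None):
    """Classify one candidate key for `email` at Unix time `now`."""
    if not any(f"<{email.lower()}>" in u.lower() for u in key["uids"]):
        return "no-matching-uid"
    if "r" in key["flags"]:
        return "revoked"
    if "d" in key["flags"]:
        return "disabled"
    if "e" in key["flags"] or (key["expires"] is not None and key["expires"] <= now):
        return "expired"
    if verified_fpr is not None:
        # Assumes the server returned full fingerprints, not short key IDs.
        same = key["id"] == verified_fpr.replace(" ", "").upper()
        return "verified" if same else "fingerprint-mismatch"
    return "unverified-no-expiry" if key["expires"] is None else "unverified"

def triage(text, email, now, verified_fpr=None):
    """Map each candidate key ID to its classification."""
    return {k["id"]: classify(k, email, now, verified_fpr) for k in parse_index(text)}
```

A key reported as "unverified" only passed the expiry and revocation checks; because anyone can upload a key for any address, it still needs its fingerprint confirmed with the recipient before use.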

How we help you manage public OpenPGP keys


Given the present realities and limitations of the public key server network, we at Encryptomatic LLC advocate setting your keys to expire after a year or two. The expiration date can always be extended later, but try to avoid the problem of key accumulation that might confuse others as to which public key is the correct one.



Encryptomatic OpenPGP provides various key management capabilities to help you. From Settings > Key Management, you can import public keys in several ways: from a text file, from your Windows clipboard, or from the public key servers.

Image: Key Management button in Microsoft Outlook.

You can also share your public key by exporting it to a file or your clipboard, by attaching it directly to an email, or by uploading it to a public key server. You can keep your keys up to date by refreshing them from the public key server network.


Protecting your Private Key


While you can share your public key with anyone, make sure that you protect your private key with a strong password. Anyone who has your private key will be able to access any emails sent to you that were encrypted with your public key. Keep the private key secure.



