The following steps are needed for encrypted email:

  • Install enigmail in thunderbird.
  • Tutorial on how to generate keys. System interface is crap. Help is not much better.
  • Establish a mechanism for key exchange. Possibly just by using public key servers offered in enigmail.
  • Signing of each other's keys to establish web of trust.
  • By default Thunderbird doesn't show the menu bar. To make managing encryption easier, ensure that menu bar is visible.
  • Sign your own cert, or it will not be trusted.

Open Questions

  1. Default is to always trust keys. Is this desirable for eastablishing a web of trust?
  2. Is a screencast for setting this up a good idea? Could be useful for other members of GLLUG who don't always come to meetings, as well as people outside the group. Possibly good evangelism.
  3. Should we create guidelines for secure key escrow? CD/Flash drive in a safe deposit box?