This is a follow up to John’s earlier post about emails now being considered semi-public.

Back in the old days, encryption was not easy to use. You had to somehow first transmit a shared secret (think secret decoder ring) before you could transmit the encoded data. But nowadays with public/private key encryption, it is trivial. Any time you visit a SSL/HTTPS website, you are using it.

Want to encrypt all your emails so that only the intended recipient can read them and verify that they are actually from you? Check out Enigmail for Mozilla Thunderbird. Install the extension and generate your key pair. Once you do that, you publish the public half of your key on servers so that your recipients can download it. To send an encrypted and/or signed email, you just make sure the buttons are pressed before you send. To send encrypted email, the recipient must also have Enigmail or another PGP implementation setup to decrypt it on their end. If you just sign the email, anyone can still read the content without special software. Once you get a couple friends using the software, you can sign each other’s public keys saying you have verified their identity making it hard for someone else to post a public key pretending to be you.