Curious to know - do you encrypt/sign emails you send?

I do like the idea, and I have a key set up, but I don't use it. Most of my contacts would simply respond with "why bother?" - does such a situation make signing a pointless activity for me?

I don't, but I have the key.

I haven't bothered: most of my contacts would be baffled even starting to know what to do with it.

I always do, except when I'm writing to a mailing-list. No one has complained so far.

I don't use email very much for person use, and I've never sent anything that I would consider sensitive, so no.

only when it is required which is very very rarely.

most of the infomation in my communications isn't that interesting to anybody but the intended recipients anyway.

mostly its 'you going down the pub tonight?' 'yeah' 'see you there' etc. etc.

I don't see the point. If just one email gets in the hands of the wrong person, the key is useless.

I don't see the point. If just one email gets in the hands of the wrong person, the key is useless.
What? I thought the point of encryption was so that if the email fell into the wrong hands, they couldn't do anything with it.

I would like to and I have it all set up, but nobody I communicate with seems to care or, really have any idea.

Tim

What? I thought the point of encryption was so that if the email fell into the wrong hands, they couldn't do anything with it.

It that how signing mails works? I've just seen quite a few people who have a key in their signature to show that it's really them writing the email, I thought that was what this thread was about.

It seems that I was wrong. :oops:

It that how signing mails works? I've just seen quite a few people who have a key in their signature to show that it's really them writing the email, I thought that was what this thread was about.

It seems that I was wrong. :oops:
And signing doesn't quite work that way either, as the signature at the bottom depends on the key AND the content of the message, IIRC,

And signing doesn't quite work that way either, as the signature at the bottom depends on the key AND the content of the message, IIRC,

Then the people I've seen using it must have been doing it wrong, it was always the same string.

people (like me) usually have the fingerprint of their public key in the mail signature (this is the plain text at the end of the mail, not a cryptographic signature). not even the whole public key. the public key is... well public anyway, it is meant to be distributed to just about everyone. it's the secret key that needs to be protected.

signatures can be created using the private key and verified using the public key.

encryption works similar.

i have very few recipients (1 or 2) i correspond in gpg encryption with.

I sign all email.


I always do, except when I'm writing to a mailing-list. No one has complained so far.

I do especially when writing to a mailing list. If my name is posted publicly, I want it to be verifiable.

Whenever someone gives me their email address I'll send them a test email just to make sure it works and I'll include my OpenPGP key as an attachment with a short explanation, depending on how technically inclined they are.

I rarely email for personal purposes though. That's what IM protocols are for. A good percentage of the few people I regularly chat with use OTR because I've gotten them on the bandwagon though.

No.

Thanks for the replies. As far as I know, the signature should be created from a hash of the body of the email and your key, so it should be different every time.

But I'm in a similar situation - there's nobody to use it with :D

If only we knew each other in real life...

I tend towards GPG signing any e-mails that I send which need to be authenticated by the recipient. I encrypt only where I know the recipient. It all works fine in Enigmail.

Default PGP for Windows default encrypts all e-mail for which any recipient's PK is available from PGP's global Keyserver. It works fine, but PGP haven't yet ported their product to linux and they have moved much more closely into the corporate space. GPG seems to have captured the individual users - both in Windows and, of course, GNU/Linux

I am personally amazed that most people routinely e-mail unencrypted. Emails are so very easy to intercept and interception by sinister government agencies and, even, ill-intentioned private individuals is most probably very widespread. The encryption tools to defeat snooping are universally available and free. They have been for most of the last twenty years. In each OS they all work seamlessly and well and give unbreakable protection. Why on earth are people so negligent in safeguarding their own privacy?
Beats me!

rjbl

I symmetrically encrypt files I don't care to send in plain text, then attach them to the email. The recipient knows the password to unencrypt it. It seems to be a fairly useful system, although it's not much different from a password-locked zip file.

I have recently got into the habit of signing my emails, though nobody I email regularly uses GPG, rendering encryption impossible

No.

I sign all my emails and do run encryption regularly with my parents who live in Australia (I moved to the u.s).

Now while not doing anything illegal I just want my privacy with my own parents

Curious to know - do you encrypt/sign emails you send?

I do like the idea, and I have a key set up, but I don't use it. Most of my contacts would simply respond with "why bother?" - does such a situation make signing a pointless activity for me?

Why would you need to encrypt? If you're talking about very sensitive material, then maybe, but personal email? Waste of time.

Only on Wednesdays.