Pgp

Generating a PGP Key

  1. Go to Tools > Account Settings, then from the left panel, select End-To-End Encryption.
  2. Click on Add Key...:
    Attach:thunderbird-pgp-07.png
  3. If you have an existing OpenPGP Key, select Import an existing OpenPGP Key. In this tutorial, we will Create a new OpenPGP Key, so click Continue:
    Attach:thunderbird-pgp-08.png
  4. Click Generate key:
    Attach:thunderbird-pgp-09.png
  5. Click Confirm:
    Attach:thunderbird-pgp-10.png
  6. Now when you write an email, you can attach your public key, sign the email, or encrypt the email.
    Attach:thunderbird-pgp-11.png

Importing a PGP Key

There are two ways to add a PGP key:

Import from URL

  1. Go to Tools > OpenPGP Key Manager:
    Attach:thunderbird-pgp-01.png
  2. Go to Edit > Import Key(s) From URL:
    Attach:thunderbird-pgp-02.png
  3. Paste the URL for the public key then click OK:
    Attach:thunderbird-pgp-03.png
  4. Verify the key fingerprint and emails. Check the fingerprint to make sure it is the key you want.
    You will want to use an independent method (besides the website URL) to be certain this key truly comes from the user it claims to be from. You can use a phone call, IRC chat, email, photo, or real life visit. If you don't verify carefully, you can get scammed!
    If you accept the key, select Accepted (unverified) then click OK.
    Attach:thunderbird-pgp-04.png
  5. Click on View Details and manage key acceptance.
    Attach:thunderbird-pgp-05.png
  6. For this step, you will need to independently verify that this key truly comes from the user it claims to be from. Use something besides the website URL, like a phone call or secure chat. If you don't verify carefully, you can get scammed!
    If you have verified the fingerprint, select Yes, I have verified in person this key has the correct fingerprint (the bottom row).
    Attach:thunderbird-pgp-06.png
  7. Click OK again, then click Close.
  8. When you view an email that has been signed with the key you imported, it should show as verified:
    Attach:thunderbird-pgp-06b.png
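
The fingerprint check from steps 4 and 6, as an added example (not part of the original tutorial and not Thunderbird's code): it computes the fingerprint of an armored public key and compares it with the full fingerprint you obtained by an independent method. The function names and the sample key are constructed for illustration, and only version 4 keys are handled.

```python
import base64
import hashlib

def armor_to_bytes(armored: str) -> bytes:
    """Decode the base64 payload of an ASCII-armored OpenPGP block."""
    lines = [ln.strip() for ln in armored.strip().splitlines()]
    payload = lines[lines.index("") + 1:]    # a blank line ends the armor headers
    keep = [ln for ln in payload if ln and not ln.startswith(("=", "-----"))]
    return base64.b64decode("".join(keep), validate=True)

def first_packet(raw: bytes) -> tuple[int, bytes]:
    """Return (tag, body) of the first packet in a binary OpenPGP stream."""
    hdr = raw[0]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet")
    if hdr & 0x40:                           # new-format header
        tag, first = hdr & 0x3F, raw[1]
        if first < 192:
            off, length = 2, first
        elif first < 224:
            off, length = 3, ((first - 192) << 8) + raw[2] + 192
        else:
            raise ValueError("unsupported length encoding for a key packet")
    else:                                    # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length is not supported")
        off = 1 + (1 << ltype)
        length = int.from_bytes(raw[1:off], "big")
    return tag, raw[off:off + length]

def v4_fingerprint(armored: str) -> str:
    """SHA-1 over 0x99, a 2-byte length and the v4 public-key packet body."""
    tag, body = first_packet(armor_to_bytes(armored))
    if tag != 6 or body[:1] != b"\x04":
        raise ValueError("expected a version 4 public-key packet first")
    framed = b"\x99" + len(body).to_bytes(2, "big") + body
    return hashlib.sha1(framed).hexdigest().upper()

def fingerprint_matches(armored: str, out_of_band: str) -> bool:
    """Compare with a fingerprint read out by phone or in person; key IDs are refused."""
    claimed = "".join(out_of_band.split()).upper().removeprefix("0X")
    return len(claimed) == 40 and claimed == v4_fingerprint(armored)

# Constructed sample: a well-formed v4 Ed25519 key packet with dummy key bytes.
_BODY = (b"\x04" + (1700000000).to_bytes(4, "big") + b"\x16"
         + bytes.fromhex("092b06010401da470f01") + b"\x01\x07\x40" + bytes(range(32)))
SAMPLE_KEY = ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n"
              + base64.b64encode(b"\x98" + bytes([len(_BODY)]) + _BODY).decode()
              + "\n-----END PGP PUBLIC KEY BLOCK-----\n")
```

Pass the text of the downloaded key and the fingerprint the owner gave you to `fingerprint_matches`; a shortened 8 or 16 digit key ID is rejected because it does not identify a key uniquely.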

Import from Clipboard

  1. Go to Tools > OpenPGP Key Manager:
    Attach:thunderbird-pgp-01.png
  2. Copy the entire public key into your clipboard by selecting the fingerprint then typing ⌘+C.
  3. Go to Edit > Import Key(s) From Clipboard:
    Attach:thunderbird-pgp-02.png
  4. Continue from Step 4 on Import from URL above.

Uploading a Public Key

  1. Go to Tools > OpenPGP Key Manager:
  2. Select Edit > Copy Public Key(s) To Clipboard:
    Attach:thunderbird-pgp-12.png
  3. Click Close:
    Attach:thunderbird-pgp-13.png
  4. Upload your key to a keyserver.

Signing an Email

  1. At the top left, select the tab Inbox, then click on Write.
  2. At the top of the window, click on Security. If you click Attach My Public Key, it will send your key to the receiver so he can send encrypted emails to you and verify your signature. If you click Digitally Sign This Message, you will sign the email and the receiver can be certain the message was not forged. If you click Require Encryption, it will encrypt the message.
    WARNING: If you encrypt the message but your receiver loses his PGP key, the email can never be decrypted and read. For this reason, it may be better not to encrypt email if the contents do not need secrecy.
    Attach:thunderbird-pgp-14.png