software, security, pgp
This is part 4 of this series in which I describe my experiences of setting up PGP for myself and my significant other, as a test and a way to in fact email about our bank robberies and so on.
So nothing has changed much since the last episode. An important thing I misunderstood before I now correctly understand: the use of signing messages. Encryption means only the person with the right private key can read it. It does not however ensure anything about the author, which is handled by signatures. So, end-to-end PGP encryption requires both, because without a signature anyone could have written the message. I missed this nuance, which I now think is not really nuanced, when I read K9mails PGP considerations a while back. Signing and encryption are two different things, and for privacy the latter is most important.
I realized this because there are two mailbox hosters that offer the user to upload their public keys with which they’ll then encrypt all incoming mail. If you believe the hoster they discard the plain-text versions, you have a fully encrypted IMAP server that only you can read, and no subpoena, government request or hack will reveal a single thing. Since this is obviously not end-to-end encryption, I invented the need for signatures and then slapped my forehead realizing that obviously that is what signing messages is for. Even though I say this every now and then, I must now say it to myself: it is extremely unlikely you’re the first with that idea…
Posteo and Mailbox.org are the two hosters offering public key PGP encryption. I thought this is rather elegant, because avoids lock-in to a silo like Protonmail or Tutanota since it is fully compatible with existing PGP tools. Hope more mailboxes will follow.