[Enigmail] Enignmail begginner

LeRoy ldc at lrcressy.com
Sat Dec 27 10:58:03 PST 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert J. Hansen wrote:
> Phil Stracchino wrote:
>> In other words, the signatures that matter to you can usually be made
>> part of the 1% that are meaningful.
> 

Another item that is important is how you sign someone's key.  Do you
make sure that the key that you are signing is who they say they are?
Did you verify the fingerprint of the key that you are signing?

These aspects are important for verifying signatures.  Most of the
signed email I received is:
	UNTRUSTED Good signature since I will not sign a key unless I verify
the key and the individual.  At the Philadelphia Linux User's Group
(PLUG) we have key signings at the close of the meetings.

Also you should set up your enigmail system so that it will not remember
the passphrase for any amount of time and that you should not have
checked Never ask for any passphrase.  This is especially important in
an office environment.

A friend of mine once was logged in as root when he stepped away from
his desk.  During the time while he was away from his desk a colleague
setup a cron job to reboot his computer every 15 minutes.  Also if you
are using a laptop, you should encrypt /home /tmp and swap partitions if
you are running Linux.  We all keep stuff on our computers that we would
not like to have stolen.  Remember when the guy from the Veterans
Administration had his laptop stolen with American Social Security
Numbers on it.  If his laptop had encrypted partitions for the data,
then there would not have been the scare.

Encrypting partitions is easy for Linux, I do not know how to do it on
Windows.

GnuPG security and trust is important and protecting your own system is
where it starts.

Hope you all have a happy new year :-)

Rev. Leroy D. Cressy
	

> I absolutely agree with everything Phil's said here.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBSVZ6u6uxGqN1iGbbAQJAuAgAnuk+TFboJuuoYbJTY0pw2AlYHEXk1Cpa
XVMFv89TNm/m3pT73XvtzrFZ9abnAHcIx1aGYG0UZ9U4k+WNMVaOLP1gaAN9W4RL
EwkBjpD1drtbMWQtcY+JqXajVQTIW9V46zJPDaXEDR2ycrIPcqYbHSv+Il+BXhQs
y7u6u3cqPLjI2vPdib5xKbabV6V2mPpqfDxrg5yKBZRvIE7UGCfHV5TU5VlM2E1m
fjJAVAeaf0GaB5Gms/gp6TWkLPvGWqPFxasDc2iBVMoZhM6qJjcemWd0wnEEk6sZ
K5QE4KeD5fkCMm2cBCLJk8/4xQ6BrsOlr/nJ2FFYMUQ8ftoEqntJSw==
=hCxq
-----END PGP SIGNATURE-----

More information about the Enigmail mailing list