In order to use a Digital Certificate for Secure Email, you need to install the Certificate into Thunderbird. Installing the Certificate is straightforward. Unfortunately, using PGP (Public Key and Private Key Encryption) in Thunderbird takes a little bit of effort to set up and install.
The steps are clearly defined with Screen Shots at the Thunderbird Documentation Site:
https://support.mozillamessaging.com/en-US/kb/digitally-signing-and-encrypting-messages
In short, Thunderbird uses the PGP (Pretty Good Privacy) Protocol to Encrypt and Digitally Sign email messages, implemented through Open Source software. The two required components are GnuPG (GNU Privacy Guard), a free software implementation of the commercial version of PGP, and the free Enigmail Thunderbird add-on. (An add-on is a small helper application that “adds on” specific functionality.)
To learn more about Public Key and Private Key encryption read my article, “Securing your Email – Understanding Public Key and Private Key Encryption.”
In the documentation referenced above, you download the appropriate version of GnuPG for Windows, Mac, or Linux, then follow the instructions for installing the Enigmail Add-on.
Next, you create your Public Key and Private Key using a Key Generation Wizard. Then you have the option of setting your configuration to sign all of your outgoing Email with your Digital Signature or on a per message basis. This operates pretty much the same way in every Email client regardless of vendor.
Digitally signing a message is as easy as selecting “Sign Message” from the NEW OpenPGP tab on your Thunderbird Menu Bar. The same holds true for “Encrypting” a message.
As with all Public Key and Private Key encryption, when you Digitally Sign an email, you must make sure to attach your Public Key with your message. This allows the Recipient to save your Public Key so that they can encrypt an email message to you. It also allows them to Authenticate an email Digitally Signed by you.
When you receive an email encrypted with your Public Key, you will use your Private Key Passphrase to decrypt the message and read it. Once both you and your Recipient have each other’s Public Keys, you can start to send and receive Encrypted and Digitally Signed email at will.
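The key exchange, signing, encryption and decryption steps described above can also be performed directly with the gpg command line. The script below is an added example, not taken from the original article or from the Enigmail project. It assumes GnuPG 2.1 or later; the names, addresses and passphrases are constructed, and `--trust-model always` is used only because both keyrings are throwaway (with real correspondents, compare key fingerprints over a separate channel before trusting an imported key).

```shell
#!/bin/sh
# Added example (not from the article): one signed + encrypted message between
# two throwaway GnuPG keyrings. Names, addresses and passphrases are constructed.

g() {  # g <homedir> <passphrase> <gpg args...>: unattended gpg on one keyring
    home=$1; pass=$2; shift 2
    gpg --homedir "$home" --batch --quiet --no-tty --pinentry-mode loopback \
        --passphrase "$pass" --trust-model always "$@"
}

pgp_roundtrip() {
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 77; }
    work=$(mktemp -d) || return 1
    alice=$work/alice; bob=$work/bob      # one private keyring per person
    mkdir -m 700 "$alice" "$bob" || return 1
    result=1
    if
        # 1. Each side generates a key pair protected by a passphrase.
        g "$alice" alice-pass --quick-generate-key \
            'Alice <alice@example.org>' future-default default 1d &&
        g "$bob" bob-pass --quick-generate-key \
            'Bob <bob@example.org>' future-default default 1d &&
        # 2. Each side exports its public key (the part "attached" to mail)
        #    and imports the other's. Private keys never leave their keyring.
        g "$alice" alice-pass --armor --export alice@example.org >"$work/alice.asc" &&
        g "$bob" bob-pass --armor --export bob@example.org >"$work/bob.asc" &&
        g "$alice" alice-pass --import "$work/bob.asc" &&
        g "$bob" bob-pass --import "$work/alice.asc" &&
        # 3. Alice signs with her private key and encrypts to Bob's public key.
        printf 'Meet at noon.\n' >"$work/msg.txt" &&
        g "$alice" alice-pass --armor --sign --encrypt -r bob@example.org \
            --output "$work/msg.asc" "$work/msg.txt" &&
        # 4. Bob decrypts with his private key; GOODSIG authenticates Alice.
        status=$(g "$bob" bob-pass --status-fd 1 --output "$work/out.txt" \
            --decrypt "$work/msg.asc") &&
        printf '%s\n' "$status" | grep -q '^\[GNUPG:] GOODSIG ' &&
        cmp -s "$work/msg.txt" "$work/out.txt"
    then result=0; fi
    gpgconf --homedir "$alice" --kill all >/dev/null 2>&1
    gpgconf --homedir "$bob" --kill all >/dev/null 2>&1
    rm -rf "$work"
    return $result
}

pgp_roundtrip && echo "round trip OK" || echo "round trip not completed (status $?)"
```

The function returns 0 only when Bob's decrypted text matches what Alice wrote and GnuPG reports a good signature from her key; it returns 77 when gpg is not installed.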
The Thunderbird OpenPGP add-on makes Digitally Signing, sending and receiving Encrypted Email a breeze.
GnuPG Project Information
http://www.gnupg.org/
Enigmail Information
http://www.enigmail.net