Sign and Encrypt Messages - Take Control of Apple Mail (1.0)

Information Technology Reference

In-Depth Information

Searching Encrypted Messages

By default, Spotlight doesn't index the contents of encrypted email messages, because

doing so could permit another person using your account to see these messages dur-

ing a search using the system-wide Spotlight menu. To turn on Spotlight indexing of

encrypted messages, open Mail's General preference pane and check Encrypted Mes-

sages at the bottom, under When Searching All Mailboxes.

Use GnuPG for Mail

Symantec's PGP (Pretty Good Privacy) software can also encrypt and sign messages using

public-key cryptography. Unlike the S/MIME system built into Mail, PGP uses centralized

computers called keyservers to hold public keys. The result is that you need not bother with

the process of sending your correspondent a signed message to deliver your public key before

she can send you an encrypted message; her software can find your public key on the key-

server automatically and transparently.

It's a great system, but for two tiny catches. First, you have to pay for the software (prices

vary according to the license type and duration you choose, but the least-expensive price for

a single license is $175). And second, both sender and recipient must have the necessary soft-

ware to support PGP—it's not interoperable with S/MIME.

A free, open-source alternative to PGP called GnuPG (GNU Privacy Guard, also abbreviated

GPG) gets around the cost issue. It uses public keyservers, just like PGP does—and because it

uses OpenPGP, the same underlying standard as PGP, GnuPG users can exchange encrypted

messages with PGP users. A Mail plug-in called GPGMail adds the necessary hooks to Mail;

it's part of a larger package of tools called GPG Suite , which also includes GPG Keychain for

creating and managing your public and private keys and MacGPG, the engine that powers all

the GnuPG components.

GPGMail is far easier to set up than S/MIME, and you need not go to an external certificate

authority to get your public and private keys. The software is largely self-explanatory, but you

can find detailed instructions on the GPGTools Support site.

With GPGMail installed, you can use the controls it adds to Mail's windows to send messages

using either OpenPGP or, if you also have it configured on your Mac, S/MIME. In fact, when

replying to a message, GPGMail is smart enough to use whichever encryption method the

sender used. If you're corresponding with recipients who can use either system, the default is

to use OpenPGP, but if you change a hidden setting, GPGMail uses S/MIME unless you tell

it otherwise.

Search WWH ::

Custom Search

Home