The exclusive promotional activities on JCOP J3H145 card and Feitian R301 Smartcard Reader are in full swing. Please check this page for details.

The usage of OpenPGP Applet with Thunderbird - The Key Management of Enigmail[2/3]

Smartcard solutions

Moderator: product

User avatar
Posts: 269
Joined: Thu Apr 30, 2015 12:00 pm
Points :2345

The usage of OpenPGP Applet with Thunderbird - The Key Management of Enigmail[2/3]

Post by JavaCardOS » Sat Apr 16, 2016 7:05 am

Once you have Enigmail and GnuPG on your system, you need to populate it with keys: it's pretty useless without them. You need to have your own key pair in order to sign messages and allow anybody to send encrypted messages to you. Furthermore, you will need the public key of a person in order to send that person an encrypted message, or to verify the signature in a message sent by that person.

Select Enigmail → Key Management to open the Key Management window.

The Key Management window shows all keys (yours and other people's) you have stored on your computer; this is called your keyring. The set of all public keys that you have collected is often called your public keyring.

If you have run the Setup Wizard and generated a new key pair, or imported an existing one, it will be shown here. (If it doesn't, tick the option Display All Keys by Default.) Otherwise, the window will be empty.

By clicking the expand gadget at the left of each key, you can see the key's additional user IDs and PhotoID, if present. The columns (Key ID, Type, Key Validity, Owner Trust, Expiry, Fingerprint) show a number of other key properties: you can choose which columns you want to see by selecting them in the rightmost gadget in the column header bar. Later we'll explain what these properties mean.

The menu bar of the Key Management window allows you to operate on the keys of your keyring. To do that, select a key, and then choose a menu item. You also have most of these menu items in a pop-up menu that shows up when you right-click on a key. Some menu items will be disabled (greyed out) if the operation is not possible on the key you selected. Some operations on a key require that you have the companion private key, so you can accomplish them on your key pair but not on other people's public keys.

Operations on your key pair
Once generated, your key pair should show up in the Key Management window. (If it doesn't, tick the option Display All Keys by Default.)
Examining the key properties
Select your key pair and choose View → Key Properties. A new window will pop up, showing the key's properties; some of these properties are divided into three separate tabs, Basic, Certifications, and Structure. As you've seen, most of these properties can also be viewed directly from the Key Management window.
A drop-down menu named Select action at the lower left of the Key Properties window allows you to perform different operations on the key. The operations you can perform on a key depend whether you have or not the companion private key, so you can accomplish some operations on your key pair only and not on other people's public keys; Enigmail shows only menu items relevant to the permitted operations. The same operations are available from the menu bar within the Key Management window as well.

The Certifications tab shows all the other people's keys that have signed (i.e. certified) this key.

The Structure tab shows all key components i.e. primary key and subkey(s) along with their properties: what the key can be used for (possible values are Sign, Certify, Encrypt, and Authenticate), the key ID, the algorithm used for the key, the key size in bits, the creation date, and the expiration date (if any). Note that the key ID is prepended by the characters 0x, which is the prefix indicating a hexadecimal number.

Once you're done examining the key, hit the Close button to close the Key Properties window and go back to Key Management.

Specifying additional user IDs
You might desire to use more than one email address to send secure email from. In this case, you do not need to generate one key pair for each address: you may simply associate multiple email addresses to your key pair. This will save you from the burden of managing multiple key pairs.

Select your key pair and choose Edit → Manage User IDs from Key Management, or choose Manage User IDs from the Key Properties of your key. A window will pop up to show you a list of all user IDs (primary user ID and all additional user IDs) that are currently associated with the key. If this is the first time you perform this operation, your key will have only a primary user ID.

The Add and Delete buttons add and delete other user IDs. A user ID is composed of a name and email address; it is also possible to put an optional comment.

The Set primary button sets the selected user ID as primary, and as a consequence the previous primary user ID is relegated to the role of additional user ID.

The Revoke button revokes the selected user ID, which is then greyed out and deactivated. The difference with deletion is that a revoked user ID is still associated to the key pair but no longer usable.

Click on Close window to save the changes you have made to the key and to return to Key Management.

All user IDs are included in the public key when it is sent or exported. There is no mechanism in OpenPGP for selecting which user IDs are included and which not. This also applies to the PhotoID, which is a special type of user ID.

Other Operations:
On the key items, you can right-click, there will pop-up a menu and you can select select different menu items to perform the operation. Such as, Add Photo, Change Passphrase, Export Keys to File, Upload public keys, and so on.
You do not have the required permissions to view the files attached to this post. Please login first.

Who is online

Users browsing this forum: No registered users and 1 guest

JavaCard OS : Disclaimer