I am now on my second computer and will proceed to import the public key I exported earlier from my first dummy account to my second computer. This is similar to what you will have to do when you receive a public key from another individual. You will have to import the key into your keyring before it can be utilized. Luckily, Gpg4win includes a nifty key management utility called Kleopatra that will make this whole import/export process very easy to perform. Here, I will perform an import.
Once I have Kleopatra opened, it will show you every key in your key ring. Here, you can see that I only have one key and that is the public/private key pair for my second email account, email@example.com. I am now going to import the public key for firstname.lastname@example.org.
I simply click on the Import Certificate button, browse to the certificate location and that’s it! The certificate for email@example.com will then be successfully imported into the key ring and it will be listed in the “Imported Certificates” tab.
Please remember that because I own both email accounts for testing demonstrations, I have to perform everything twice. Therefore, I also generated a keypair for my second email account, exported the public key, and imported it to my first computer with the first email account.
At this point, we are almost ready to begin sending encrypted emails with Outlook. We just need to configure one more thing.
Back in Outlook, we need to set one more configuration setting for the Outlook Privacy Plugin and that is to tell it which private key belongs to us. Within Outlook, click on the Add-Ins tab and you will see the mini toolbar for the plugin.
Click on the Settings button and then select the Compose tab. Under the Default Key selection box, we should see our newly created private key. In my case, this would be my first email account of firstname.lastname@example.org. Select it, hit OK and we are done!
Sending Encrypted Email
Finally, we are able to test the encryption system by composing encrypted emails! This test is very simple. I will be composing an email from my second email account (email@example.com) to my primary account (firstname.lastname@example.org) using its public key. Sadly, we currently can only compose plain text emails using this system. HTML emails are not supported at the moment. Within Outlook, I press and hold down the Shift key while clicking on the New Email button. This lets Outlook know that I am composing a plain text email. I compose my email as usual. However, before sending, I select both the Sign and Encrypt settings located in the upper right corner.
Currently, while I can choose to both sign and encrypt an email, the recipient can only decrypt it and will not be able to verify the signature. At the moment, if you want signature verification, you cannot encrypt the email and vice versa. I’m not sure if this is a bug in the plugin or the fact that I am using Outlook 2013. As the plugin only supports Outlook 2010, this might be the cause. If you are using Outlook 2010, feel free to let me know of your experiences in this regard.
Verifying and Decrypting the Email
I have now received the email. In Outlook, here is what it initially looks like:
To decrypt the email, I simply hit the Decrypt button in the upper right hand corner. I will then be presented with a password dialog box. I now need to enter my passphrase to unlock the private key for my pgptester808 email account. Once that is done, the email is then decrypted right in front of your eyes. Voila!
As I mentioned above, I am not able to both sign and encrypt an email. Therefore, I sent another test email with just signature verification. By selecting the email and hitting the Verify button, the PGP signature will be verified by using the sender’s public key. If all is well, you will get an OK return message.
If you want to get rid of the WARNING prompt, you have to personally trust the other party’s public certificate/key within Kleopatra.
In the End…
The method I showed here is probably not the best to incorporate OpenPGP with Outlook. Not only does it not support multiple email accounts and HTML emails but the worst part is, I can’t seem to both sign and encrypt an email at the same time! Technically I could do both as a sender but the recipient will only be able to decrypt and not perform signature verification. Of course, the Outlook Privacy Plugin is free of charge so I can’t expect too much. There are paid products to support OpenPGP within Outlook but unless you absolutely cannot live without Outlook, you’re better off using Thunderbird or other open source email clients that have this feature either built-in natively or provided via third-party plugin support.