Previous Next Table of Contents

9. Encryption

Once you've got premail set up, actually using encryption is easy. You simply add commands in double parentheses to the e-mail addresses. The encrypt-pgp command (which can be abbreviated to key) adds encryption to the outgoing mail, and the sign command signs it.

For example, to send me encrypted mail, you'd send it to raph@cs.berkeley.edu ((encrypt-pgp)). You need to have a key with this user id on your PGP public keyring, otherwise you'll get an error message. If the user id on the key doesn't match the e-mail address, you can specify it directly. For example, to send mail directly to my workstation, but using the same public key as above, use raph@kiwi.cs.berkeley.edu ((key=raph@cs.berkeley.edu)).

Signing works much the same way. I can sign mail by adding ((sign=raph@cs.berkeley.edu)) to the outgoing address. Actually, because I set the signuser configuration option in my preferences file, all I have to add is ((sign)).

Doing both encryption and signing is just as easy. For example, to send me signed, encrypted mail, use this line:

To: raph@cs.berkeley.edu ((encrypt-pgp, sign))

Each recipient is treated separately - the double-paren commands after an e-mail address apply to that recipient only. However, you can add a Sign: header field to indicate that your message is signed for all recipients. Example:

To: vp@company, secretary@company, employees@company,
    friend@outside ((encrypt-pgp))
Subject: Important announcement
Sign:

...

In this example, all recipients will get a signed message, and the message to friend@outside will be encrypted as well.


Previous Next Table of Contents