Mail Encryption & Signing? Heartbleed, GPG

Similar Messages

• Mail encryption software?

  Looking for Mail encryption software that will work from OS X to Windows and back again.
  bob

  Go to InstantSSL and request a free S/MIME signing certificate. It's valid for a year, only for the address you specify. You'll be prompted to set a revocation password, which you'll need if you ever want to stop the key from being trusted. I suggest you save the password as a secure note item in the keychain.
  Click the link in the message you'll receive at that address. A file named "CollectCCC.p7s" will be downloaded in your web browser. Double-click the file. It will open in Keychain Access. Confirm that you want to import the keys it contains.
  Two items will be added to the keychain you specify. Both are named "Key from secure.instantssl.com". One is of typeprivate key and one is of type public key. You'll want to delete those items when the key expires or is revoked.
  Quit and relaunch Mail. When you next compose a message from the certified address, you'll have the option to sign it.
  The first time you sign a message with the new certificate, you'll be prompted to allow Mail to use it in the keychain. Click Always Allow.
  Important:
  You must quit and relaunch Mail before the certficiate will be recognized.
  Mail that is only signed is not encrypted; anyone can read it. The recipient can be reasonably sure that it came unaltered from a person who receives mail at the sender's address. That is not proof of the sender's identity.
  To encrypt messages, the recipieint must already have gone through a similar setup process, and you must know his or her public key. The key can be sent to you in the clear, attached to a signed message, but again, you have no proof of the sender's identity. All you know is that he can receive mail at the specified address.

• Mail Encrypted by openssl can be read on outlook but not on BB

  While mail encryption and decryption generally works with my certificates, i get some Mail that is encrypted on a unixmachine using openssl and displays in oulook as ordinary mailbody. On a Blackberry however the mailbody displays as attachment with name "unknown" no extension.
  The header reads like this:
  X-MimeOLE: Produced By Microsoft Exchange V6.5
  Received: from xxx by xxx with Microsoft SMTPSVC(6.0.3790.3959); Thu, 4 Jun 2009 12:01:29 +0200
  MIME-Version: 1.0
  Content-Type: application/x-pkcs7-mime;
  name="smime.p7m"
  Content-Transfer-Encoding: base64
  Content-Description: smime.p7m
  Content-Disposition: attachment;
  filename="smime.p7m"
  ...Routing Information ...
  Return-Path: xxx
  Content-class: urn:content-classes:message
  Subject:  xxx
  Date: Thu, 4 Jun 2009 12:01:21 +0200
  Message-ID: <xxx >
  X-MS-Has-Attach: yes
  X-MS-TNEF-Correlator:
  Thread-Topic: xxx
  thread-index: Acnk+24wKbZNTgEvRpKyFh7nUWVA2Q==
  From: yyy
  To: zzz
  Cc: xyz
  Is there a way to display this type of encrypted attachment ?

  this article does not directly answer your question but is adjacent to it:
  http://www.blackberry.com/btsc/KB16246
  Unable to open encrypted attachments
  if you are under BES you can ask your IT department about the BES version.
  The search box on top-right of this page is your true friend, and the public Knowledge Base too:

• Traded homes and iPhones in Europe now and this an old iPhone 4.2.1 unable to get my mail from mail or sign into icloud on the Internet in safari on this iPhone

  Traded homes and iPhones in Europe now and this an old iPhone 4.2.1 unable to get my mail from mail or sign into icloud on the Internet in safari on this iPhone

  You need an device (iPhone, iPad, iPod touch) with iOS 5 if you want to use iCloud. Furthermore it is also not possible to open www.icloud.com with Safari on an iOS device.
  But if you want to set up Mail on your device with iOS 4 then you can do it manually. Therefor follow these instructions for devices with iOS 4: http://support.apple.com/kb/HT5330

• S/MIME support in Mail (encryption and signing)

  Hi,
  is there S/MIME support in iPhones Mail-Client? Mail.app for OS X has great support for encrypting and signing eMails using S/MIME certificates and I wonder if iPhones Mail-Client is able to use S/MIME, too.
  best,
  Jens

  I have the same question. Much of my mail comes with either S/MIME or GnuPG encryption. A device that lets me receive but not read my e-mail isn't much use for communication.
  Can someone confirm?
    Mac OS X (10.4.10)  

• MAIL: Can sign, encrypt but not decrpyt

  After Mail was driving me crazy with weird error mesages, I deleted all my certificates and got the replaced by Versisign.
  I imported then and since then I can sign and encrypt mails from both of my accounts like charm.
  problem is: I can't decrypt a message.
  I doublechecked the used certificate with the sender and serialnumber and fingerprint are ok. He deleted all my certificates form his keyring and I send him a signed message again which cause the (correct) certificate to be imported in Keyring. But when he sends me a encrypted message I can't decrypt it.
  Mail is just saying "Can't do" in that yellow bar and informs me that I might haven't got the right certificate in my keyring.
  This is driving me crazy ...
  Anyone with some ideas?

  OK, Keychain Access has three Keychains, two of which appear identical right down to Date Modified for each password) and a third called X509 Anchors.
  Within each of the two apparently identical Keychains is a single POP3 password for my ISP with my email account number in the info box at the top (when I view the other two users's accounts in Mail preferences, their account numbers are the same as this but suffixed by _2 and _3. But, as I say, the only POP password appearing in Keychain Access is mine. Do you mean I should delete it?

• Mail missing sign/encrypt buttons

  I just noticed in testing Mac OS X Lion 10.7 Mail.app that the buttons to sign and encrypt email are mssing. Customizing the headers toolbar does not reveal the controls either.
  Has anybody found the controls for signing and encrypting email in Lion Mail? I checked Mail help as well and it indicates that it should be exactly like it was in preveious versions of Mail, the controls should be in the headers toolbar.

  I finally have a solution to this problem. I had been trying to use a .cer security certificate issued by Comodo, it had worked just fine on Windows but my Mac didn't seem to like it. I also tried creating my own certificate through OSX, but even after I created it I still couldn't see the buttons.
  I had someone direct me to this webpage which ultimately helped me fix the problem:
  http://allforces.com/2007/03/02/email-security/
  I ended up using Thawte to issue me another security certificate (this time it was an x.509 file), the security certificate automatically opened in Keychain Access and downloaded to the Certificates and My Certificates folder. Once I shutdown Mail and restarted it I had the buttons for both encryption and digitally signed. Of course the encryption button is still greyed out because it is a new certificate and I need to make sure my Address Book contacts have a copy of it before I can encrypt.

• PGP Encryption/Signing issue

  Hi Experts,
  We are working on a scenario to sign the message while sending to client but the message created doesn't seem to be like signed message.
  The message created is as below
  -----BEGIN PGP MESSAGE-----
  Version: BCPG v1.46
  kA0DAAIBadYy7HCWZSAByzZiJDMzNDliZmUyLTFiZDctMTFlNC04NzZmLTAwMDAw
  MDUwNGNkNlPfhdpTaWduIG1lc3NhZ2WJARwEAAECAAYFAlPfhdoACgkQadYy7HCW
  ZSAP7ggAlLy4/itUM4TrzzAwtDXB3FX2VgI/8kztoWNqyLKAzytOudu/KDbfqTNx
  PMZQXjEsn62MXWSV39vWW2lJ+OKJXnlZ/tEYqGa3Bn1rBIK8wsqfQR02S28XrpAh
  csL6vXCAm8trCxIrxy2aZR2ibmioSVowMVkrVTj/hckiRsW5pconIZjiPqlynwJX
  ayp7fkqmJ9ZYOqR4/ygqNOuSN5XTudFvRuvAqHSw23CMQzz4u2PZcODSd1WOsmOJ
  3SDgt4H1SxPx/zZ1d08V1iPd+kRf0bsBijG1tLeP+DbeAEPSOOVzmtLpnlEXNhLn
  arAe1rqDvTmexoXmDvo1xaYZhIzpvA==
  =6Ssh
  -----END PGP MESSAGE-----
  But as far as I know the signed message looks likes the one below.
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1
  Example of message signing
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v1.4.6 (MingW32)
  iD8DBQFFxqRFCMEe9B/8oqERAqA2AJ91Tx4RziVzY4eR4Ms4MFsKAMqOoQCgg7y6
  e5AJIRuLUIUikjNWQIW63QE=
  =aAhr
  -----END PGP SIGNATURE-----
  We have maintained the module parameter as per the help guide to only sign the message. We do not need encryption.
  pgp
  applyCompression
  None
  pgp
  applyEncryption
  false
  pgp
  applySignature
  true
  pgp
  asciiArmored
  true
  pgp
  ownPrivateKey
  testPrivate_key.gpg
  pgp
  partnerPublicKey
  testPublic_Key.asc
  pgp
  pwdOwnPrivateKey
  pgp
  signingAlgo
  SHA1
  Not sure if some configuration is missing or the signed, encrypted and signed & encrypted messages look same if created using PGPEncryptionModule.
  Appreciate any help on this.
  Regards,
  Pankaj

  Hi Siva,
  I don't think still there is any support for PGP in Oracle SOA. You may use java for PGP encryption/decryption and transfer externally encoded messages over SFTP.
  Please refer -
  Re: PGP Encryption/Decryption
  PGP Encryption in B2B
  Regards,
  Anuj

• Allow mail to sign using privateKey only once

  I have my private key for signing and encrypting mail in a separate keychain from the login keychain. I want Mail to ask me every time whether it can use the private key, and up to now it has done so. First, I receive the prompt to enter the password for the separate keychain, then I'm asked whether I want to allow Mail to use the key just once, or every time. Recently, however, the second prompt hasn't been appearing. I think I must have clicked "Always Allow" once. I've looked through the keychains using Keychain Access but can't find what to modify to get things working as before. Does anybody know which key's access I have to modify?
  Thanks,
  Richard

  Yes, I assumed that there is a key (as opposed to a password or certificate) in my login keychain or in my certificates keychain, which requires a separate password from that of my login, that Mail is using to digitally sign my email. Furthermore, that key's Access Control tab would contain an entry to the effect that Mail is always allowed access to the key. Then I would only have to delete the entry that always grants Mail access, and I would be back where I wanted to be, i.e., Mail would always ask to use the key. Unfortunately, although I could find a private key, it contained no entries for Mail.
  At any rate, the problem disappeared as quickly as it had appeared. I quit Mail, then started it agin, and everything worked as before. I cannot explain why this happened.
  MacBook Pro Core 2 Duo 2.33 GHz 17" glossy screen, MacBook Core 2 Duo 2 GHz   Mac OS X (10.4.9)   2GB RAM

• SLS Mail Server with PGP/GPG

  I am trying to figure out how I can setup PGP or GPG encryption for Mail on SLS 10.6.2. My goal is to serve my Blackberry PGP/GPG encrypted email. Does anyone have any advice?

  This is normally done end-point to end-point (MUA at either end), not at the server itself.
  Postfix is the MTA in OS X Server, and Dovecot the MDA in 10.6 Server (previously it was Cyrus).
  See http://groups.google.com/group/list.postfix.users/browse_thread/thread/bc18d0324 aa942b2
  Setup your Blackberry to access your server via IMAP, for example:
  http://discussions.apple.com/thread.jspa?messageID=10711862
  But the interaction of SLS and your Blackberry is probably not going to function as you appear to imagine.
  You may wish to look into something like funambol
  http://www.funambol.com/

• Yahoo mail page sign-in button no longer works

  I suddenly can't sign into my yahoo accounts on my iPad 1.  It seems the sign-in button no longer works, when I tap it or use the "go" button, nothing happens - no error message, nothing.  I've re-set the iPad and I still can't sign in.  I can get to all of the other Yahoo web pages, just not my mail.  I can sign into other websites no problem.  Any suggestions?  Is my iPad now completely obsolete?
  I can sign in without a problem on my iMac.
  Thanks,
  Kathleen

  Reset your iPad. This will do no harm and you will not lose any data. See if that works. If not, clear Safari and then try again.
  Reset the iPad by holding down on the sleep and home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider if it appears on the screen - let go of the buttons. Let the iPad start up.
  Go to Settings>Safari>Clear History, Cookies and Data.

• How to e-mail digitaly signed PDF created from SAP Layout

  Hello all,
  everything is clear from the subject.
  We have SAP Layout which we want to convert to PDF, than sign with external digital sign and send it with e-mail on some address.
  Please explain how to convert to PDF and that sign SAP Layout.
  For now I am sending SAP Layout to e-mail and converting it to PDF but not jet aware how to sign that. (In SCOT, in SMTP node Internet is defined as PDF for SAP layout).
  TIA
  Gordan
  SAP is 4.70ex2.00
  Message was edited by: Gordan Flego

  Hello,
  not very happy with note.
  I am considering scenario in which SAP Form will be converted to PDF with FM CONVERT_OTF, returned to stream and than signed.
  Is that possible, and which FM should be used for signing such PDF?
  TIA
  Gordan

• How do I tell if received mail is signed

  I look for the lock icon on mail I'm sending to make sure it's signed.  How do I tell if mail I've received has been succesfully digtally signed?

  The iPhone 3G only went up to iOS 4.2.1, so when you connect to iTunes you will not be able to update to a higher iOS version. The 3GS can go up to the latest iOS, currently at 5.1.1 and soon iOS 6.

• Fulldisk encryption with a gpg encrypted key?

  Hi all, anyone know if it is possible to encrypt a root partition using a gpg encrypted key?
  To create it and open it I would use something like this.
  #dd if=/dev/urandom bs=512 count=4|gpg –symmetric –a > ./rootkey.gpg
  #gpg --quiet --decrypt rootkey.gpg | cryptsetup -v --cipher serpent-cbc-essiv:sha256 --key-size 256 luksFormat /dev/sda3
  #gpg --decrypt key.gpg 2>/dev/null | cryptsetup luksOpen /dev/sda3 root
  which works, if i can manually enter the commands to decrypt the drive, but how would i do that at boot? i was reading a article on the gentoo wiki about creating custom scripts etc etc to handle it all. can something similar be applied in arch linux? if this is at all possible is there somewhere where i can find some documentation regarding doing this?
  cheers.

  Nothing wrong with using LUKS, and in a way I am still using LUKS but what I am doing here is having a key file encrypted using GnuPG and stored between the MBR and first partition. In my modified /lib/initcpio/hooks/encrypt script it will ask for the password for the keyfile to decrypt the root partition and if an incorrect password is entered more than say 3 times it will shred the keyfile making the root partition impossible to ever decrypt. For a backup for myself I will have a copy of the gpg encrypted key stored somewhere on the web.
  So basically adding a whole new layer of security to the system. The more layers of security you can add the better.
  I do know this is a little over board, but its more for the fun of doing it. In a strange sort of nerdy way
  But back to what you were saying about the libraries? From the archlinux wiki
  These options allow users to add files to the image. Both BINARIES and FILES are added before hooks are run, and may be used to override files used or provided by a hook. BINARIES are dependency-parsed, meaning any required libraries will also be added. FILES are added as-is. For example:
  So I shouldn't have to worry about them.

• Bad Signature Error When Signing With GPG

  I'm trying to sign a public PGP key but am encountering a 'Bad signature' error:
  gpg --edit-key [email protected]
  gpg> sign
  You need a passphrase to unlock the secret key for
  user: "My User <[email protected]>"
  2048-bit RSA key, ID 12345678, created 2012-01-01
  I enter my passphrase then get:
  gpg: checking created signature failed: Bad signature
  gpg: signing failed: Bad signature
  gpg: signing failed: Bad signature
  I've done some searching online but can only find old, unrelated posts or ones relating to smart cards, which I'm not using.
  The wording of the error seems to suggest that gpg is attempting to verify the signature it just created but is failing?
  I have gnupg 2.0.25-1 installed and am running the above commands via a PuTTY ssh connection.
  Any help gratefully received!

  I upgraded my Adobe to version 8 and tried the task with the same file.
  It worked without any error.