Sunday, October 7, 2007

Certified Mail

I recently had the need to send myself an encrypted email ... to myself. Sure, the task smacks of Austin Powers, International Man of Mystery gratuitousness, but I had a valid business need, I assure you. *raises outward-turned pinky to corner of mouth*

I use hosted Gmail as my business email provider and sometimes lean on it as a quick backup service. Occasionally I email myself business / trade sensitive data - such things I would not be comfortable with stored in plain text on a server I do not own. For this reason I setup Firefox to send / receive encrypted personal emails. Follow these steps to get your very own encrypted Gmail on:

1. Create / Install email cert.
You can use services like Thawte to create your email cert, but I found Comodo the easiest. Go through the online registration, open the email they send, and click on the supplied link. Viola! You personal email cert created and installed.

2. Install Gmail S/MIME extension.

That's it! From now on you'll see a lock icon next to the "Check spelling" link when you're composing a new email. Click it to send super secret Enigma-ciphered emails to anyone whose email cert you've installed.

Some words of caution:

1. Make sure you backup your email cert. Store it somewhere else locally and store remotely on a thumb drive, external drive, or a secure online account like .Mac., etc.

2. Transmit keys via - what I like to call - "Flesh & Blood" ... which is a take on the "Brick & Mortor" internet cliché. Whoever you want to send / receive secure email with you need their and they need your email cert. Avoid the temptation of emailing certs. It's best to swap certs personally (and much more fun!). Of course, you can setup a password-protected download for your cert if your spy escapades deny you all human contact.

3. Hold onto your cert! If you lose it you'll never be able to read your encrypted email again.

About me:

I'm Abe Gillespie, GIS - and anything else - programmer for hire (abe at digital - pulp dot com). I'm a technophile, love life, animals, people, and God. I'm involved with some Open Source projects such as Mono (more of an outside observer) and zigGIS. Check back here for posts on life, consulting, GIS programming, and whatever else might strike my fancy. Check out my company at Thanks for reading!

1 comment:

Jeremiah said...

You and your super secret soaked certified (c)email.