In what is easily the most concise tutorial I’ve seen on this topic so far, Melvin Rivera explains how to enable support for email signing and encryption in Mail.app. All that’s required for basic encryption is to request a personal security certificate and add this to your Mac’s keychain. No need to install additional software or configure anything, as Mail and Address Book support these features out of the box.
Its underlying basics like the concept of public-key cryptography haven’t changed, but email encryption has come a long way in terms of usability: add that certificate to your keychain, and encrypting your emails is as easy as clicking a button. That’s a big change from the early command-line tools, and it makes encryption accessible even to less experienced users. Why, then, is it that so few people actually encrypt their emails?
Consider this: as you may know, standard email is sent along the Internet as plain text, so that anyone with access to one of the computers along which that email travels from sender to recipient could theoretically read what you’re sending. The often-used comparison between an email and a postcard is very appropriate. In the analog world, though, we tend to prefer mailing a letter in a sealed envelope unless we send greetings from our far-away vacations, in which case postcards come in handy to make even the postman envious…
“Postcards” in the digital realm, envelopes in the real world. Where does this discrepancy come from? How about you, dear reader: do you use email encryption? If so, what kind of encryption (i.e., PGP, GPG, S/MIME, …) are you using, and which kinds of messages do you encrypt? And how many of your friends use encryption, too? If you do not use email encryption: is there a specific reason — like difficulty-of-use, lack of trust in the system, etc. — that keeps you from doing this?
Let’s find out what it takes to make email encryption more popular. Or is it already more popular than I think?
P.S.: I learned about Melvin’s article via Hawk Wings.
P.P.S.: For a much more detailed look at encryption and certificates, have a look at FJ de Kermadec’s article “How to Set Up Encrypted Mail on Mac OS X“.