Melvin Rivera has written a nice tutorial for Mail users explaining how to get a digital certificate from Thawte and how to use Mail.app’s digital signature and encryption features.

He outlines the process for creating an account at Thawte and requesting a certificate and then installing it.

Further sections follow on the difference between a digitally signed and an encrypted message, and how to use them.

It’s interesting to compare Melvin’s take on secure email in Mail.app with Matt Haughey’s experience , which wasn’t so positive.

Melvin thinks it works well and is a good tool to have in your email armoury:

Other than the process of going though an external website for obtaining a certificate, Mail’s integration of signed and encrypted messages is seamless. It’s a great feature that is just hidden until needed. Making the user experience simple and clean. And there’s nothing like discovering a great new feature on an App you’ve been using for a long time now.

Joar Winfor has also produced a more detailed walkthrough for secure email in Mail.app, but more detail is not always good for everyone.

Related posts

• The frustrations of encrypted mail in Mail.app
• Security vulnerability in GPGMail
• Use your iChat certificate to sign Mail.app emails
• Security Bug back for Leopard Mail
• Secure email over wireless for Apple Mail

The owner of rtfa.net has posted a list of the things that are annoying, broken or just plain scandalous about Mail.app.

He is an unhappy Apple Mail user: “Well, if Thunderbird integrated with spotlight and OSX address book, it’d be a no-brainer. However, I’m entrenched.”

And life in the trenches with Mail.app is not good.

Three problems score the highest scandal rating — incorrect treatment of IMAP’s “seen flag”, the “lost message” problem and the “invalid pointer” problem.

Related posts

• Work-around for Outlook attachment problems
• Using your Mac as a mail server
• User interface flaws in iCal
• Thunderbird IMAP bugs
• Thunderbird 1.5.0.8 released: Mac issues, bugs

Langenhoven offers a Greasemonkey script for Firefox that will encrypt Gmail messages.

It achieves this by using RSA type encryption in Javascript.

The site also offers a utility for producing the public and private keys needed for encryption.

I haven’t tested this but the results look like the real thing:

Read the Known Issues section to discover that it works best in Firefox 1.5 or greater and that some of the buttons are troublesome.

Related posts

• Greasemonkey up your Gmail
• Gmail shortcuts in Thunderbird and Fastmail
• Thunderbird 1.5.0.5: More stable, more secure
• Distraction-free Gmail in Camino/Firefox
• Better Gmail 2: New features, new skins

Webmonkey has published the introductory chapter to PGP & GPG: Email for the Practical Paranoid by Michael W. Lucas.

It covers Phil Zimmermann’s first steps with PGP, the lawsuits with the US Government, the launch of OpenPGP, GnuPG, legal aspects of encryption and more.

A brief quotation:

The ideas behind PGP had been known and understood by computer scientists and mathematicians for years, so the underlying concepts weren’t truly innovative. Zimmermann’s real innovation was in making these tools usable by anyone with a home computer. Even early versions of PGP gave people with standard DOS-based home computers access to military-grade encryption.

UPDATE: Mirko posts a link in the comments to an audio interview with Jon Callas , CTO at PGP Corporation, who also explains the history of PGP. Thanks.

Related posts

• GPGMail 1.1.2
• GPG: Encrypting messages in Apple Mail
• Weekly Update
• Turning your back on Gmail
• Too much information? Spotlight, metadata, and privacy

I ran across two things for Gmail users today.

Adam Pash at Lifehacker has posted a tutorial of tips and tricks for getting the most out of Gmail. It even has video clips!

Among other things, he talks about some scripts for the Firefox extension Greasemonkey which add very useful bells and whistles to Gmail’s web interface.

Another Greasemonkey script promises to bring basic encryption to Gmail. It first encrypts the email into AES and then uses the RSA algorithm to encrypt the message again.

Related posts

• Gmail shortcuts in Thunderbird and Fastmail
• Encryption for Gmail via Greasemonkey
• Killer list of Google Calendar tips
• Add Daily Agenda to your Gmail
• Add a “Gmail this” bookmarklet to your web browser

ChibiNinja is a utility that creates a cross-platform encrypted multi-language email message with an inserted image. You can send and receive them using from Apple Mail (or Outlook Express on Windows) without complicated encryption mail settings.

An updated version, released today, adds support for encrypted files and the option to request a read receipt. The developer has created a detailed explanation of the app’s new features.

Once donation-ware, ChibiNinja Mail is now shareware (USD 18), although the developer has now released a freeware version that will decrypt and encrypt a message and an image but not files.

You can get them both from the developer’s web site.

Related posts

• JPEGCleaner: Cleans image, sends it to Mail
• Image spam: Spam gets more canny
• Chibi Ninja: Cross-platform encrypted messages
• Automator Action to email files quickly
• Zoë: Google your email