I've been thinking about using ProtonMail or Tutanova but I came across PGP encryption for email and that sounds like it might be the best thing to use as it works within Gmail or whatever and all you really need (it seems) is to get Mailvelope in Firefox and do a few things and you're good to go. It is as easy as it seems?

https://www.inverse.com/article/2701...-email-pgp-key

Only when it works. By which I mean that there seems to be many ways to break it, but once you get it working it seems to work well for a long time. Follow the setup instructions very carefully.

1 members found this post helpful.

Right off the bat: You should move off Gmail if you're interested in keeping your emails secure. Google is one of the biggest email snoopers out there.

PGP encryption is good and not too difficult to learn. The EFF has a good guide: https://ssd.eff.org/en/module/how-use-pgp-linux

I'd be happy to help you practice sending and receive PGP emails. Let me know, and I can make a temporary key pair.

1 members found this post helpful.

The trouble with PGP is that it only works if both participants are using it. The people you are mailing need to have public keys that they can supply you with.

I remember an earlier thread in which someone (I can't remember who) posted that he would not do business by email except with people who were prepared to sign their messages cryptographically.

1 members found this post helpful.

I don't see an issue with that. One can easily make a burner email account and generate keys associated with that email. No need to disclose any personal information.

Then you have to define “security” and “trouble”, first.
Once you want it work this way, it works nicely and no trouble nowhere.

As the OP wrote about encrypting mail, signing is not strictly on-topic, here. But, of course, GnuPG (why PGP?) does this well. I sign my mail since the years 00, and did it occasionally before that. Meaning, that all my mails are authenticated. Not that anyone cared, though. The companies and other parties which insist on cryptographic signatures appear to have fallen for other systems. The French ministry of culture and communication, as such watching over computer security and stuff.., rejects my mail if it is signed with GnuPG, not otherwise...

That is trouble, for me. These days, when people ask, if they should ... I tend to answer: Do as you please. It does not seem to matter anyway.

Ok, thanks.

Thanks Contrapak. And thanks for the guide. That'll really help. And thanks for the practice offer. Appreciate it!

P.S. But I was just looking over the guide and it looked so complicated. The appeal, for me anyway and perhaps misguided, of PGP emailing was that it was pretty simple. Like I was saying in that first post (and the link there). Is it that easy?

Thanks Hazel. There is only one person I want to use it with, so this shouldn't be a problem.

But even encrypting your email won't hide such things as the sender, recipient, subject line etc...

You may be better off using webmail (such as protonmail.com), since the transmission will be via HTTPS.

https only encrypts the transmission between the client/desktop and the server...having an https connection to a webmail server says nothing about the encryption of the email itself.

I suspect that any encryption of email is going to leave the headers intact because they define the destination of the message and/or are added by servers en route and wouldn’t, therefore, be encrypted.

I use Thunderbird with Enigmail for encryption. They work pretty seamlessly, allow per User choices to be saved, such as whether or not to use encryption for E-Mail messages themselves, and GMail allows SSL/TLS for transportation of E-Mail. Signing of messages is also allowed. Multi-part messages are supported; even attachments are encrypted.

Not sure if I need to make a new thread, but I figured I'd ask in a PGP thread:

Does anyone know if it's possible to update a PGP key already uploaded to the MIT PGP server? I recently made a RSA2056 key and uploaded it to the server. A few days later, I made a new one with RSA4096 and want to replace the 2056 one. Is this possible?

You can add your new key. AFAIK the old key-servers are not allowing the replacement of one key against another. Based on the key-id, you can replace a key with the identical id, meaning that you can “add“ signatures. Exchanging keys with different IDs (different keys) is not possible...

Things like this had been considered for long and new key-servers are in operation, now. I do not know what they have implemented in the meantime.

1 members found this post helpful.

Anonymization had not been the topic, here.
Web-mail is not mail but giving you, via HTTP, a view on your mail (which came by mail, not http) and “something” is relaying the input from a HTML input form for transport via the mail-system.

GnuPG or PGP are playing no role in this context. You can try to encrypt something you want to hand over to a HTML-form, but you can bet that “something” (the same) will mangle the document in a way that renders it incompatible to something else. PGP and GnuPG are for mail, not for HTTP.