Working With Secure Messages
Email and Calendar includes security features
that you can use to ensure that messages are not forged, and that the content
of your messages cannot be read by anyone other than the intended recipient. Email and Calendar uses Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG) to implement
security features.
PGP and GPG use public key encryption. That is, PGP and GPG use two keys, as follows:
- Public key
-
You give this key to anyone who wants to send you an encrypted message, or to whom you want to send encrypted messages. Messages are encrypted with this key.
You exchange public keys with anyone to whom you want to send and receive signed messages or encrypted messages. The public key is used to sign or encrypt your messages, and your recipients need the public key to verify or decrypt your messages. When you receive a public key from someone, you import the public key to your public keyring. A public keyring is a file that lists all of the public keys that you know.
- Private key
-
This is your secret key. You do not disclose your private key to anyone. Encrypted messages are decrypted with this key.
You can use security features with your messages in the following ways:
-
Add an encrypted signature to a message that you send. The message is not encrypted, but the receiver can use the signature to verify that the message is from you.
-
Encrypt a message that you send.
-
Verify a signed message that you receive.
-
Decrypt a message that you receive.
When you create your public key and private key, you create a security passphrase. You use the security passphrase when you
use the security features in Email and Calendar.
To Sign a Message
To sign a message that you send, choose Security -> PGP Sign from the message composition window. When you send the message, an Enter Password dialog is displayed. Enter your security passphrase in the dialog, then click OK.
To Send an Encrypted Message
To encrypt a message that you send, choose Security -> PGP Encrypt from the message composition window, before you send the message. When you send the message, an Enter Password dialog is displayed. Enter your security passphrase in the dialog, then click OK.
To Verify a Signed Message
To verify a signed message that you receive, open the message and scroll to the end of the message. Click on the lock icon. If the sender is in your public keyring, a message is displayed that confirms that the sender of the message is authentic. If the sender is not in your public keyring, a message is displayed that says that the security features cannot authenticate the sender of the message.
To Decrypt a Message
To read a message that has been sent to you and encrypted with your public key, you must provide your security passphrase. When you open the message, an Enter Password dialog is displayed. Enter your security passphrase in the dialog, then click OK.
- © 2010, Oracle Corporation and/or its affiliates