| 1 |
On Thursday, 23 May 2019 16:40:23 BST Dale wrote: |
| 2 |
> Howdy, |
| 3 |
> |
| 4 |
> I'm trying to get some legal work done. I'm trying to do this over |
| 5 |
> email with a lawyer. For obvious reasons, I want to do this encrypted |
| 6 |
> but suspect they are not set up for this. |
| 7 |
|
| 8 |
Have you asked them? If they have some setup they use to ensure client |
| 9 |
confidentiality and data privacy, you'd be much better off to jump onto their |
| 10 |
system, rather than trying to negotiate the configuration of PGP and S/MIME |
| 11 |
with legal staff who may have zero technical capability and poor/uncooperative |
| 12 |
IT support. |
| 13 |
|
| 14 |
|
| 15 |
> They have two email accounts |
| 16 |
> that I know of. Is it possible to have one set of keys and one password |
| 17 |
> to work on two different email accounts with two different addresses? |
| 18 |
> Example, one account is greg@××××××.com and his paralegal helper is |
| 19 |
> ann@××××××.com. They are both on the same server and it is a private |
| 20 |
> server, not yahoo, gmail or something. |
| 21 |
> |
| 22 |
> I tried to google this but didn't see anything that answers this, which |
| 23 |
> makes me think this can't be done or isn't a good thing to do. |
| 24 |
> |
| 25 |
> Thanks much. |
| 26 |
> |
| 27 |
> Dale |
| 28 |
> |
| 29 |
> :-) :-) |
| 30 |
|
| 31 |
|
| 32 |
GnuPG can be configured with various subkeys. So, one gpg master key can have |
| 33 |
multiple subkeys, each with different email addresses and different or the |
| 34 |
same passwords. However, why would you need the same key for two different |
| 35 |
email recipients? |
| 36 |
|
| 37 |
You may want to clarify what it is you intend to encrypt? Email content? |
| 38 |
Documents? Both? |
| 39 |
|
| 40 |
You could encrypt email messages with gpg or S/MIME which uses TLS |
| 41 |
certificates - neither are easy unless the recipients are technically clued |
| 42 |
up. |
| 43 |
|
| 44 |
You could encrypt word documents with TLS certificates - MSWord and |
| 45 |
LibreOffice can work with those, but the certificate will need to be imported |
| 46 |
and accepted as 'trusted' in the OS certificate manager, unless it has been |
| 47 |
issued by one of the expensive CAs which are included in the MSWindows OS (I |
| 48 |
am assuming they are using MSWindows). Adobe reader is more difficult with |
| 49 |
TLS certificates. From what I recall it wants one of its own associated (and |
| 50 |
expensive) CAs to be used, or it will refuse to work. There are other PDF |
| 51 |
readers, but I don't know how receptive they are to free or self-signed TLS |
| 52 |
certificates. |
| 53 |
|
| 54 |
You could also use a zip application with a pre-shared password - 7zip is |
| 55 |
free, easy to use and will work with strong encryption, assuming the lawyers |
| 56 |
can install it on their systems. |
| 57 |
|
| 58 |
Rather than trying to navigate the complexity of setting up gpg or S/MIME |
| 59 |
certificates, configuring email clients, individual OS' certificate managers, |
| 60 |
training lawyers to use them and hoping they will not at some point click the |
| 61 |
send button while forgetting to encrypt the message, it may be much simpler to |
| 62 |
use 7zip for documents sent in unencrypted email. |
| 63 |
|
| 64 |
Alternatively, if you/they have access to a file server you could set up a |
| 65 |
secure area for uploading/downloading documents to/from, rather than pinging |
| 66 |
messages over various email servers. A server at your home address would be |
| 67 |
best, as you could lock it down to only accept connections from specific IP |
| 68 |
addresses and user accounts, which you will set up and control yourself. |
| 69 |
|
| 70 |
-- |
| 71 |
Regards, |
| 72 |
Mick |
Archives