One of the interesting barriers we’ve encountered during the rewrite of Hacker High School has been the trickiness of using email security. It’s pretty bad for us as professionals not to be versed in using PGP and S/MIME, even though both are painful. Here’s my response to one of the contributors asking how to choose and use a PGP/GPG product:
For all practical purposes, take your OS, add your mail client, search thoroughly and you’ll likely find your range of choices limited. On Mac/Thunderbird, it seems to be OpenPGP or Die. Notice the conflation of “Open” and “PGP”? Underneath it’s Enigmail regardless.
Then follow instructions everywhere for generating your key(s).
Then you’ll need the keys of whomever you want to send encrypted email. Stir up thoroughly until recipient confusion eventually gets their key to you (coach them to pull down their GPG menu and check “sign this message” and “include my cert with the message”)
When you’ve got the key you need to email to a trusted recipient, you’ll need to follow the instructions found *nowhere* and *sign* that person’s key in order to be able to use it! I check the boxes “I have done casual checking” and “keep this signature locally only.” Fumble around until you achieve encryption, and voila! Elegant as scrambled eggs.