To generate a key pair, click “Tools,” and then select “OpenPGP Key Manager.” You have to have a working email account inside Thunderbird before you can set up OpenPGP. If this is the first time you’ve used Thunderbird, configure your email address and account details, and then verify that email is functioning normally. We’re running version 78.5.0, so the OpenPGP integration will definitely be present. To see which version of Thunderbird you have, click Help > About Thunderbird. If you can’t see the Thunderbird menu bar, right-click the space to the right of the last tab, and then select “Menu Bar” from the context menu. This way, if something goes wrong, you can go back to the previous version.īy default, Thunderbird 78.x retains the classic three-pane email interface: the accounts and folders in the sidebar, the list of received emails at the top, and the content of the highlighted email at the bottom. They include advice about backing up your old Thunderbird profile before you upgrade.
If you use Enigmail, refer to the upgrade instructions on the Mozilla support pages. You can use your package manager to upgrade if necessary. OpenPGP integration arrived in Thunderbird 78.2.1, so you’ll want to make sure you’re running that version or higher. So, if you’re running Windows, you should be able to follow the instructions below, as well! Checking the Thunderbird Version
On a Windows 10 PC, all the Thunderbird menu items, settings, and dialogs were named the same and in the same locations. We tested Thunderbird’s OpenPGP integration on an Ubuntu 20.10 computer. Thankfully, once OpenPGP is set up, all of this happens automatically. Each recipient can decrypt the copy of the random key that was encrypted using their public key, and then use the random key to decrypt the message.
All of the encrypted keys are then sent with the message.
This is because no public or private keys have been involved at that point, making the encryption on the message person-agnostic.įor each recipient, the random key is encrypted using that person’s public key. The most efficient way to distribute a message to several people is to encrypt the message using the random key. Why not just use the recipient’s public key to encrypt the message? This would work for messages sent to a single recipient, but it would be too cumbersome for those sent to multiple people.
The random key can then be used to decrypt the encoded message. The recipient’s email program uses the recipient’s private key to decrypt the random key. The random key is then encrypted with the recipient’s public key, and the encrypted message and key are then sent to the recipient. The sender’s email client generates a random key which is used to encrypt the message. Private keys can also be used to decrypt messages encoded with the matching public key. Public keys are shared with anyone to whom you want to send encrypted messages, whereas private keys are never shared with anyone else. To use OpenPGP, you must have a public and private key pair. OpenPGP uses the principle of pairs of public and private (or “secret”) encryption keys. It also lets you digitally sign a message so your recipient can be confident the message hasn’t been altered in transit. Then, only the people you want to read your message will be able to do so. Thunderbird’s OpenPGP integration allows you to encrypt a message. Based on the freeware versions of Phil Zimmerman’s Pretty Good Privacy (PGP), it’s now very much its own thing. Thunderbird uses OpenPGP for encryption, which is a free, nonproprietary protocol. This integration means you no longer need add-ons like Enigmail. Version 78.2.1 of the Thunderbird email client has support for end-to-end encryption (e2ee) built right in.