Creating/Acquiring Keys


About Key Pairs

In order to receive encrypted messages, you must first create a “key pair”, consisting of a Public Key and a Secret Key, and then make your public key available to anyone who might want to send you encrypted messages.

 

Other people use your Public Key to encrypt the message. Subsequently, only your Secret Key can decrypt it.

 

In turn, to send encrypted messages to someone else, you must get their Public Key. In addition, their public key must correspond to the email address to which you are sending the message. For example, if Dr Joe Blow has sent you his public key for his email address joe@isp.com.au, then that is the email address to which you must send the message. If he has another email address j.blow@isp.com.au, then you will not be able to encrypt messages going to that email address with his original public key. (Unless there is a sub-key, but that’s a whole new layer of complications!)

 

Obviously, you should never give your Secret Key away!

Creating a Key Pair

Click the encrypt4 button.

 

On Macintosh, the Terminal will open. On Windows, the Command Prompt will open. In either case, simply follow the prompts, accepting the default choice each time. On Macintosh, when you are finished, type exit and hit the Return key, and then quit the Terminal.

 

If you don’t want to be asked for your encryption password each time you try to decrypt a message, you should enter it into the PGP Password field in your Email Preferences now.

 

Click the Keyring Tab to display the window below:

[Screenshot: Keyring Tab]

 

This window displays any Public or Secret keys installed on this computer.

 

Note: These keys are NOT stored in the Genie data file. They are stored in their own directories on the computer. On Windows, they are stored in the gnupg folder you specified earlier. On Macintosh, they are stored in an invisible folder called “.gnupg” in your home directory.

Making Your Public Key Available

You can send your public key to other people in several ways:

 

1. Email it to them by clicking the Email Key button. This creates an email message with your public key in the body of the message.

2. Export it to disk by clicking the Export button. Then email it to them as an attachment.

3. Make it available on a keyserver.
A keyserver is a computer on the internet that stores public keys, which can then be downloaded by anyone. There are many of these keyservers around the world. Some of the GP Divisions are beginning to host their own keyserver for the doctors in their division. In Genie, there are 2 default keyservers installed. The first is Tony Lembke’s, at keyserver.medicineau.net.au. The other, included just as an example, is subkeys.pgp.net. To upload your public key to a keyserver, select the keyserver from the popup menu at top right, click on your public key, and then click the Upload button.

 

[Screenshot: Keyserver]

 

If your local division already has a keyserver, type in the address, and then select Add to Favourites from the popup menu above.

Acquiring Others’ Public Keys

There are several options for acquiring other people’s public keys:

1. Using a keyserver

If they have placed their key on a keyserver, you can find and retrieve it by clicking on the Keyserver Tab to display the following window:

[Screenshot: Keyserver Tab search]

 

Enter the Keyserver Address and the Search String. The search string can be one item, or a combination of first name, surname or email address. If you enter more than one search string, they should be separated by a comma.

 

A list of matching keys will be displayed if the search is successful. Highlight the one you want, and then click the Download From Keyserver button. You can now send encrypted emails to this person!

 

2. Via Email

If your correspondent has emailed you their key, you can save it into a text file on your hard drive, and then click the Import button in the Keyring Tab.

 

Alternatively, on Macintosh only, you can copy the text of the key, click the Paste Key button in the Keyring Tab (this button is only available on Macintosh machines), and paste the key into the displayed area.
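The rule from About Key Pairs, that a public key must correspond to the address you are sending to, can be checked on any key acquired by either route above. The following is an added example, not part of Genie or its documentation: it parses the machine-readable listing GnuPG prints with `gpg --with-colons --list-keys` and reports which keys carry a user ID for a recipient, with the fingerprint to confirm with the key's owner. The sample listing, key IDs, fingerprints and function names are constructed for illustration.

```python
import re

# Constructed sample in GnuPG 2.x --with-colons layout (all IDs are made up).
SAMPLE = """\
pub:-:2048:1:1111222233334444:1262304000:::-:::scESC:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1111222233334444:
uid:-::::1262304000::HASH1::Dr Joe Blow <joe@isp.com.au>:
sub:-:2048:1:5555666677778888:1262304000::::::e:
fpr:::::::::BBBBCCCCDDDDEEEEFFFF00005555666677778888:
pub:e:1024:17:9999AAAABBBBCCCC:1104537600:1136073600::-:::sc:
fpr:::::::::0000111122223333444455559999AAAABBBBCCCC:
uid:e::::1104537600::HASH2::J Blow <j.blow@isp.com.au>:
"""

# Field 2 (validity) values that make a key unusable for encryption.
BAD = {"e": "expired", "r": "revoked", "d": "disabled", "i": "invalid"}

def parse_keys(colon_text):
    """Group pub/fpr/uid records into one dict per primary key."""
    keys, cur = [], None
    for line in colon_text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            cur = {"validity": f[1], "fingerprint": None, "emails": []}
            keys.append(cur)
        elif cur is None or len(f) < 10:
            continue
        elif f[0] == "fpr" and cur["fingerprint"] is None:
            cur["fingerprint"] = f[9]      # first fpr after pub is the primary key's
        elif f[0] == "uid" and f[1] != "r":  # ignore revoked user IDs
            m = re.search(r"<([^<>]+)>", f[9])
            if m:
                cur["emails"].append(m.group(1).lower())
    return keys

def keys_for(recipient, colon_text):
    """Return (usable fingerprints, [(fingerprint, reason)]) for one address."""
    usable, rejected = [], []
    for k in parse_keys(colon_text):
        if recipient.lower() not in k["emails"]:
            continue                        # key does not name this address
        if k["validity"] in BAD:
            rejected.append((k["fingerprint"], BAD[k["validity"]]))
        else:
            usable.append(k["fingerprint"])
    return usable, rejected

if __name__ == "__main__":
    for addr in ("joe@isp.com.au", "j.blow@isp.com.au"):
        print(addr, keys_for(addr, SAMPLE))
```

A keyserver search can list more than one key for the same name, so compare the reported fingerprint with one your correspondent gives you directly before relying on the key.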