GPG guide/Textual Draft

From LibrePlanet
< GPG guide
Revision as of 14:22, 8 May 2014 by Zakkai (talk | contribs) (Created page with "As per conversation with John, there will be an infographic, but there will also be a lots of non-text stuff in the guide to make it graphically engaging. Call-out boxes, quotes,...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

As per conversation with John, there will be an infographic, but there will also be a lots of non-text stuff in the guide to make it graphically engaging. Call-out boxes, quotes, labeled screenshots, maybe dynamic dropdowns for troubleshooting.

Notes

  • Collect interface examples and review AGP and role of encryption in phone OS's -- next step is to look at what Kxra added to Brains for this, I believe to the conceptualization document
  • Incorporate work hours for things and ask for help
  • Include collab with CMJ?
  • Look up webmail encryption stuff
  • Launch is blog post (and PR?) with date for IRC help session/set-up party
  • The audicence for this is the people that attended the cryptoparty, which is quite a lot. People who are excited about technology and involved in movements like ours, but don't already know how to use GPG.
  • Somewhere, include a template email and microblog to send out to your friends to tell them that you are using this and they should join you
  • Include signing and encryption, or just encryption?

Page elements

  • Architecture options
    • Option 1: Plone page on FSF.org, potentially at <https://fsf.org/campaigns/surveillance/encryption_guide> with a redirect of some form to simplify the url, maybe even its own domain
    • Option 2: Bootstrap site on FSF.org, but outside of Plone. This would make it more attractive, more portable to a Drupal system, and would probably make it easier for us to use tabs to separate the instructions
  • Intro paragraph
    • Importance of GPG in surveillance context
    • When you might want to use GPG
    • Importance of software freedom for privacy, and/or have this in a sidebox
    • Overview of the materials and encouragement to use them. Says it's great to do this with a friend, but we designed it so that it also works fine for one person.
  • Infographic
    • Outline the basics of GPG's public key encryption system, in a narrative way that also demonstrates when and why it is important and necessary to use encryption
    • CC BY SA, with license info on the graphic itself so that people don't have to worry about adding to the pages they display the graphic on
    • Encourages people to go to the page for this campaign, so that they can get instructions for setting up GPG
  • Instructions for setup and use of GnuPG with Engimail in Thunderbird
    • Above actual instructions, a bold notice about the next upcoming opportunity to work on setup with expert help, for example the online set-up party we will host for the launch of this system. We'll comment it out afterwards, and bring it back whenever similar opportunities arise.
    • Separated by operating sytem, with versions for GNU/Linux and Windows, and maybe also OS X

_Maybe_

  • Potentially a sidebox about weaknesses in this system linking to an external resource about general good security practices and why you should just use free software instead of windows. This message could also/alternately go at the end of the Windows guide.
  • Sidebox explaining why it's important that GPG is free software?

Infographic breakdown

  • _Should grip people into wanting to participate and show them why this is important, in addition to (or instead of?) just showing them how encryption works. Overall message is "you've heard of this problem, but did you know you can do something about it? Here's how. People will share because it feels like (part of) a solution to a problem that is weighing on them
  • Should we instead have two infographics, or a shareable infographic that gets them interested as well as some visual instructions that show people how public key encryption works?
  • This is the closest thing I've seen to what I'm imagining: <http://flossmanuals.net/thunderbird-workbook/>. There's another one a few pages in to the guide, too.
  • Title ideas:
    • How to use encryption to protect your email
    • How to use encryption to protect yourself from surveillance
    • Safe email 101: ...
  • Needs to be pretty self-encompassing, including as much intro information as possible, so that it can be shared.
  • Panel based narrative structure, like a comic
      • First panel explains the problem and has a picture of many characters (or maybe just the original two) sending email to each other that's getting intercepted and little expressions, symbols or speech bubbles that shows all the ways this hurts them. Text refers to the problems inherent with unencrypted meail (surveillance, insecrutiy, chilling free speech, repressing dissidents etc).
      • Then some kind of thing that's like "you can do something about it" You don't have to use it all the time, but knowing how is important, and here are some times to use it. Makes you more secure from surveillance and private companies and in general.
  • URLs for more info are good, but maybe better on the page itself than the graphic, to try to draw more traffic (except direct citations, which can stay on the graphic)


Guide breakdown (based loosely on <https://www.enigmail.net/documentation/quickstart.php>)

  • _The idea is for the guide to be broken down into concise steps, with a focus on the actual steps, rather than in-depth explanations of why or how things work. This will make it shorter and not intimidating to follow. That said, it will have a peppering of little sentences that put each step in context of the general practice of using encryption and protecting privacy._
  • _Each step includes descriptions of possible problems, i.e. "Getting this error? Try this."_
    • Should the answers be in-line or link to a compiled area at the bottom of the page?
  • _Includes screenshots of relevant windows, especially when one has to enter configuration information. No ugly screenshots of whole screens that take up more space than necessary._
  • Section 1: Installation (for GNU/Linux users, assume they have GnuPG and Thunderbird, but tell them how to get them if they don't have them)
    • Get GnuPG if you don't already have it
    • Get Thunderbird
** Configure Thunderbird for your email account
    • Get Enigmail
  • Section 2: Set-up
    • Make a keypair
    • Test signing and encrypting with Adele the keybot, or with a friend
    • Publish your key, with explanation of GPG ID
  • Section 3: Use

_Somehow work in doing this with your friends_

    • How to send encrypted messages and decrypt people's messages
    • How to send signed messages and verify signatures
    • Last step add your key ID to your email signature, along with a link to this guide for getting started. Start signing all your messages and publish your key ID wherever you publish your email address (business cards, Web site, bios, other examples), since this is the best way to advertise that you are using encryption.
    • Point to external resource about Web of Trust, or include our own? Perhaps a sidebox?
    • For users of OSs other than GNU/Linux, a note or sidebox encouraging them to swithc to a free operating system if they want to protect their privacy as much as possible.
  • Next steps
    • Keysigning party (is there a good way to find them?)
    • OTR
    • Encrypting your hard drive
    • Tor
    • Link to surveillance collection in directory, or prism-break with free software filter, if that has been set up
    • Donate to the FSF or GnuPG, Thunderbird or Enigmail!

Things that should be considered for inclusion in the guide

  • RSA versus DSA
  • Saving unencrypted drafts to servers, as per Micah Lee's email to liberationtech
  • Link to dedicated keyserver for people to use, run by us, so that we can track who is getting started through our campaign.

Little resources for getting more involved/next steps

Retrieved from "https://libreplanet.org/wiki?title=GPG_guide/Textual_Draft&oldid=34762"