GPG guide/Textual Draft

From LibrePlanet
Revision as of 17:54, 8 May 2014 by Zakkai (Miscellaneous things that should be considered for inclusion in the guide)

Random Notes

  • Think hard about how to make using GPG part of people's online identity, and use that as a vector for driving people to the guide. For example, have people put their GPG key up on their blogs and social media sites, with a link (perhaps with logo, graphic, embed code, something cool) to our guide. Is there a good standard way to list this on your FB? Twitter? We can get people to do this even if they are already using GPG.
  • Audience: People who are excited about technology and involved in movements like ours, but don't already know how to use GPG.
  • Think about licensing
  • How do we visually do the troubleshooting? The different operating systems?
  • Name ideas
    • Safe email 101
    • Encryption 101
    • Encrypt your email
    • Safe email

Page elements

  • Infographic
  • Intro paragraph
    • Says it's great to do this with a friend, but we designed it so that it also works fine for one person.
  • Step-by-step guide
  • Next steps section

Infographic breakdown

See separate page

Guide breakdown (based loosely on <https://www.enigmail.net/documentation/quickstart.php>)

The idea is for the guide to be broken down into concise steps, with a focus on the actual steps, rather than in-depth explanations of why or how things work. The guide will have a series of sections, each with introductory text. Each section will have a series of steps, each with a number and concise but descriptive name, to make it easy to refer to different parts of it. Each step will have an FAQ-style troubleshooting section, and each entry in the troubleshooting will have a name and a body, which consists of help text. We need to think about the visual presentation of the versions for different operating systems and of the troubleshooting. One possibility is tabs for the operating system and expanding boxes that start collapsed for troubleshooting. Troubleshooting could also be in a separate section at the bottom of the page that looks like an FAQ. Keep in mind that the order and content of the steps may change a lot in development.

Section 1: Get the pieces

Step: Get Thunderbird if you don't already have it

  • Check if you have Thunderbird installed. If you do, skip this step.
  • Download and install

Step: Configure Thunderbird for your email account if it isn't already

  • Check if you have Thunderbird configured for the email account you want to use. If you do, skip this step.
  • Configure it. We may need to link out to another tutorial to avoid covering a huge number of different questions about various mail server configurations.

Step: Get GnuPG if you don't already have it

  • Check if you have GnuPG installed. If you do, skip this step.
  • Download and install

Step: Install Enigmail

  • Check if you have Enigmail installed. If you do, skip this step.
  • Download and install


Section 2: Put them together

Intro text

Explains the difference between signing and encryption with example cases.

Step: Make a keypair

  • Make a keypair with these settings.

Step: Upload it to a server

  • Upload it to this specific server.

Step: Download the test bot's key from a keyserver

  • Download it from this keyserver
  • Look in this display to see that you have it

Step: Send a test encrypted email

  • Send it to the bot at this address and wait for this confirmation.

Step: Send a test signed email

  • Send it to the bot at this address and wait for this confirmation.


Section 3: Use it well

Intro paragraph

Everyone uses this a little differently. Send signed emails in this context. Send encrypted emails in this context. Talk about the Web of Trust.

Step: Make it part of your online identity

  • Publish it in your email signature, social media profile, blog, website, and business card in these ways. Put it anywhere that you put your email address.
  • Tell your friends about it

Step: Get your key signed by people

  • Refer them to the instructions in the previous step

Step: Sign other people's keys

  • Download them or get them on a flash drive.
  • Sign them
  • Upload them

Step: Keep it up to date

  • Refresh your keys
  • Keep track of expiration dates

Next steps breakdown

  • Attend or host a keysigning party (is there a good way to find them?)
  • An encrypted email group where people talk about encryption: <http://groups.yahoo.com/neo/groups/PGPNET/info>
  • Try other encryption technologies: OTR, encrypting your hard drive, Tor
  • Link to surveillance collection in directory, or prism-break with free software filter, if that has been set up
  • Donate to the FSF or GnuPG, Thunderbird or Enigmail!

Miscellaneous things that should be considered for inclusion in the guide

  • Rationale for technical recommendations that we make (like key size and which keyserver to use)
  • Links to more detailed descriptions of things on other pages (like how to use keyservers)
  • RSA versus DSA
  • Saving unencrypted drafts to servers, as per Micah Lee's email to liberationtech
  • Link to dedicated keyserver for people to use, run by us, so that we can track who is getting started through our campaign.