## Generating a PGP Key

# Go to `Tools` → `Account Settings`, then from the left panel, select `End-To-End Encryption`.
# Click on `Add Key...`:\\
Attach:thunderbird-pgp-07.png
# If you have an existing OpenPGP Key, select `Import an existing OpenPGP Key`. In this tutorial, we will `Create a new OpenPGP Key`, so click `Continue`:\\
Attach:thunderbird-pgp-08.png
# Click `Generate key`:\\
Attach:thunderbird-pgp-09.png
# Click `Confirm`:\\
Attach:thunderbird-pgp-10.png
# Now when you write an email, you can attach your public key, sign the email, or encrypt the email.\\
Attach:thunderbird-pgp-11.png

## Importing a PGP Key

There are two ways to add a PGP key:

### Import from URL

# Go to `Tools` → `OpenPGP Key Manager`:\\
Attach:thunderbird-pgp-01.png
# Go to `Edit` → `Import Key(s) From URL`:\\
Attach:thunderbird-pgp-02.png
# Paste the URL for the public key then click `OK`:\\
Attach:thunderbird-pgp-03.png
# Verify the key fingerprint and emails. Check the fingerprint to make sure it is the key you want.\\
You will want to use an independent method (besides the website URL) to be certain this key truly comes from the user it claims to be from. You can use a phone call, IRC chat, email, photo, or real life visit. If you don't verify carefully, you can get scammed!\\
If you accept the key, select `Accepted (unverified)` then click `OK`.\\
Attach:thunderbird-pgp-04.png
# Click on `View Details and manage key acceptance`.\\
Attach:thunderbird-pgp-05.png
# For this step, you will need to independently verify that this key truly comes from the user it claims to be from. Use something besides the website URL, like a phone call or secure chat. If you don't verify carefully, you can get scammed!\\
If you have verified the fingerprint, select `Yes, I have verified in person this key has the correct fingerprint.`. (The bottom row)\\
Attach:thunderbird-pgp-06.png
# Click `OK` again, then click `Close`.
# When you view an email that has been signed with the key you imported, it should show as verified:\\
Attach:thunderbird-pgp-06b.png

### Import from Clipboard

# Go to `Tools` → `OpenPGP Key Manager`:\\
Attach:thunderbird-pgp-01.png
# Copy the entire public key into your clipboard by selecting the fingerprint then typing ⌘+C.
# Go to `Edit` → `Import Key(s) From Clipboard`:\\
Attach:thunderbird-pgp-02.png
# Continue from Step 4 on `Import from URL` above.

## Uploading a Public Key

# Go to `Tools` → `OpenPGP Key Manager`:
# Select `Edit` → `Copy Public Key(s) To Clipboard`:\\
Attach:thunderbird-pgp-12.png
# Click `Close`:\\
Attach:thunderbird-pgp-13.png
# [Upload your key to a keyserver](/pgp/upload)

## Signing an Email

# At the top left, select the tab `Inbox`, then click on `Write`.
# At the top of the window, click on `Security`. If you click `Attach My Public Key`, it will send your key to the receiver so he can send encrypted emails to you and verify your signature. If you click `Digitally Sign This Message`, you will sign the email and the receiver can be certain the message was not forged. If you click `Require Encryption`, it will encrypt the message.\\
**WARNING:** If you encrypt the message but your receiver loses his PGP key, the email can never be decrypted and read. For this reason, it may be better not to encrypt email if the contents do not need secrecy.\\
Attach:thunderbird-pgp-14.png
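
The fingerprint check from step 4 of `Import from URL` can also be run on the downloaded key file before it is imported. The following is an added example, not part of the original tutorial: it computes the OpenPGP version 4 fingerprint from an armored public key and compares it with a fingerprint received over an independent channel. The function names and the sample key are constructed for illustration, and a version 4 key is assumed.

```python
import base64
import hashlib

def dearmor(armored):
    """Decode the base64 payload of an ASCII-armored OpenPGP block."""
    lines = [l.strip() for l in armored.strip().splitlines()]
    start = lines.index("")  # blank line separates armor headers from data
    data = [l for l in lines[start + 1:] if l and not l.startswith(("=", "-"))]
    return base64.b64decode("".join(data))

def first_packet(data):
    """Return (tag, body) of the first packet; handles old and new headers."""
    hdr = data[0]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet")
    if hdr & 0x40:  # new-format header
        tag, first = hdr & 0x3F, data[1]
        if first < 192:
            length, off = first, 2
        elif first < 224:
            length, off = ((first - 192) << 8) + data[2] + 192, 3
        elif first == 255:
            length, off = int.from_bytes(data[2:6], "big"), 6
        else:
            raise ValueError("partial body lengths are not valid for keys")
    else:  # old-format header: length field is 1, 2 or 4 bytes
        tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)
        if n == 8:
            raise ValueError("indeterminate length not supported")
        length, off = int.from_bytes(data[1:1 + n], "big"), 1 + n
    return tag, data[off:off + length]

def v4_fingerprint(armored):
    """SHA-1 over 0x99, the 2-byte body length, and the public-key packet body."""
    tag, body = first_packet(dearmor(armored))
    if tag != 6 or body[:1] != b"\x04":
        raise ValueError("expected a version 4 public-key packet")
    digest = hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body)
    return digest.hexdigest().upper()

def fingerprint_matches(armored, expected):
    """Compare against a fingerprint received out of band (spaces, case ignored)."""
    return v4_fingerprint(armored) == "".join(expected.split()).upper()

# Constructed sample: a made-up v4 packet body, not a real key.
SAMPLE_BODY = bytes([4]) + (1700000000).to_bytes(4, "big") + bytes([22]) + bytes(range(45))
SAMPLE = ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n"
          + base64.b64encode(bytes([0xC6, len(SAMPLE_BODY)]) + SAMPLE_BODY).decode()
          + "\n-----END PGP PUBLIC KEY BLOCK-----\n")
```

Because the fingerprint is a hash of the key material itself, a key swapped at the URL produces a different value, which is why the comparison value has to come from a channel other than the website.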