Silk Road forums

Discussion => Security => Topic started by: ThomasHobbes on September 25, 2013, 04:03 pm

Title: Best Email Provider for PGP Messaging?
Post by: ThomasHobbes on September 25, 2013, 04:03 pm
Hi all - was just wondering if anyone could shed some light on the best email provider for PGP messaging?

I'm in the process of preparing for my first purchase and coming across PGP encryption - it seems (unless I am mistaken) that with a public PGP key comes an email address. Unless I am missing the point here, it seems pretty silly to use a personal email address or a popular host such as hotmail or gmail...

so my question is - should you use PGP messaging with an encryption friendly / "safe" provider? And if so, who would you recommend?

I have seen the following touted if anyone has any thoughts...

safe-mail.net
mail.day.az

If this becomes a useful resource will endeavor to keep it updated with a list of providers...

Thanks!

Title: Re: Best Email Provider for PGP Messaging?
Post by: ThomasHobbes on September 25, 2013, 04:05 pm
Unless - thinking about it - perhaps I am mistaken about the importance of the email provider since with PGP messaging you're not actually sending messages via the email itself (when the messages are passed via forums such as this), just the email is required to register?
Title: Re: Best Email Provider for PGP Messaging?
Post by: Rastaman Vibration on September 25, 2013, 04:56 pm
You are correct. The email address you use to generate your PGP key will not be used to send or receive any messages. So you don't really need a "safe" email provider. I just made up a fake email for my PGP key, rastaman@smokeweedeveryday.net for example. Just dont use an email address that can be tied to your real identity, as anyone who imports your PGP key will be able to see it
Title: Re: Best Email Provider for PGP Messaging?
Post by: galileosophia on September 25, 2013, 09:51 pm
There isn't a best provider for GPG.  You can use GPG for any e-mail and the result will be equivalent across providers.  If you find any provider that keeps track of your GPG keys for you, run the fuck away.

However, for easy to use GPG plug-ins I recommend using the Elgamail plug-in with Thunderbird, the GPG plugin for Claws Mail, or Mailvelope for gmail with Chrome.
Title: Re: Best Email Provider for PGP Messaging?
Post by: Hungry ghost on September 26, 2013, 08:17 am
I wouldn't use any email management such as Thunderbird for any illicit activity.
 As above, the email used in generating key can be totallymadeup@fictional emailprovider.com.
   Its a good idea to include your SR name in the name field ( this is not asecurity risk as you will only be using this key to send messages within SR) it helps vendors keep track of whose message they are reading (also don't use GPG for most messages unless a vendor states this on their page, or you are extra concerned about security. )Most people use GPG just to encrypt address.
 If you are messaging a vendor a simple question then if the site is hacked by LE just having messages between you and vendor is probably  as incriminating as content. Unless the message is "Send that Kilo of Heroin to 123 Fictional Avenue, Fantasy town," in which case use encryption! Basically anything with personal info. If you are messaging a drug vendor on a drug site, tthey can hazard a pretty good guess what you are messaging about anyway, you just don't want any times, names or locations unencrypted,