Introduction to Secure Messaging
When secure email messaging is enabled, PGP Desktop monitors the email traffic between your email client and your mail server. Depending on the circumstances, PGP Desktop will intercede on your behalf to encrypt, sign, decrypt, or verify messages.
For incoming messages, PGP Desktop automatically evaluates all incoming email messages and takes the appropriate actions (described below). In some cases, such as if you have email messages stored from before you installed PGP Desktop 9.0, it is too late for the PGP Desktop email proxy to decrypt them. To decrypt such messages, PGP Desktop retains some of the decryption side of the plugin technology used in previous versions of PGP Desktop.
For outgoing messages, there is a range of actions that PGP Desktop can take on your behalf based on the configured policies. PGP Desktop comes pre-configured by default with finely tuned policies that should suit the needs of the vast majority of users. However, you are also given fine-grained control over these policies should you wish to change them. A policy is simply a set of one or more instructions, generally of the form: “In this circumstance, do this.” By combining instructions, you can tailor policies that meet all of your email security requirements.
By default, when you are sending an outgoing message, PGP Desktop looks for a key it can trust to encrypt the message. It will look first on the local keyring for the public key of the recipient. If it does not find such a key, it will, again by default, check the PGP Global Directory for a trusted key for the recipient. If it does not find a trusted key there, and no other policies apply, by default the Opportunistic Encryption policy will be applied, which means the message will be sent in the clear; that is, unencrypted. This default behavior strikes a balance between protecting outgoing messages and making sure they get sent.
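The default lookup order described above, modelled as an added example (this is not PGP Desktop's own code): the recipient's key is sought first on the local keyring, then in the PGP Global Directory, and only a key marked valid (verified and signed) is used; if nothing trusted is found, the Opportunistic Encryption fallback sends the message in the clear. The key stores, the `valid` flag and the `fallback` parameter are assumptions of the model.

```python
from dataclasses import dataclass, field


@dataclass
class Key:
    """Constructed stand-in for a public key entry; `valid` is True only when
    the key has been verified and signed, which is what PGP Desktop requires
    before it will encrypt to a key by default (assumed representation)."""
    email: str
    fingerprint: str
    valid: bool


@dataclass
class KeyStore:
    """A named key source: the local keyring or the PGP Global Directory."""
    name: str
    keys: list = field(default_factory=list)

    def trusted_key_for(self, email):
        for key in self.keys:
            if key.email.lower() == email.lower() and key.valid:
                return key
        return None  # no key, or only an unverified one


def outgoing_action(recipient, local_keyring, global_directory, fallback="send_clear"):
    """Decide what happens to an outgoing message for one recipient.
    Returns (action, source, fingerprint). `fallback` models the policy that
    applies when no trusted key is found; the default is the Opportunistic
    Encryption behaviour, i.e. the message leaves unencrypted."""
    for store in (local_keyring, global_directory):
        key = store.trusted_key_for(recipient)
        if key is not None:
            return ("encrypt", store.name, key.fingerprint)
    return (fallback, None, None)


# Constructed sample data: placeholder fingerprints, not real keys.
LOCAL = KeyStore("local keyring", [
    Key("alice@example.org", "FP-ALICE-LOCAL", valid=True),
    Key("bob@example.org", "FP-BOB-UNVERIFIED", valid=False),  # imported, never signed
])
DIRECTORY = KeyStore("PGP Global Directory", [
    Key("bob@example.org", "FP-BOB-DIRECTORY", valid=True),
])

if __name__ == "__main__":
    for who in ("alice@example.org", "bob@example.org", "carol@example.org"):
        print(who, "->", outgoing_action(who, LOCAL, DIRECTORY))
```

Note that the unverified local copy of Bob's key is skipped and the directory copy is used instead, while Carol, who has no trusted key anywhere, receives the message unencrypted under the default policy.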
Incoming Messages
As mentioned above, what PGP Desktop does to an incoming mail message depends on the content of the message:
Message neither encrypted nor signed. PGP Desktop does nothing to the content of these messages; it simply passes the message along to your email client.
Message encrypted, but not signed. When PGP Desktop sees a message coming to you that is encrypted, it will attempt to decrypt it for you. To do this, PGP Desktop will check the local keyring for the private key that can decrypt the message. If the private key is not on the local keyring, PGP Desktop will not be able to decrypt it; the message will be passed to your email client still encrypted. If the private key is on the local keyring, PGP Desktop will decrypt it immediately if the passphrase for the private key is in memory (cached). If the passphrase is not cached, PGP Desktop will prompt you for the passphrase and decrypt the message when you supply the correct passphrase. Once a message is decrypted, PGP Desktop passes it to your email client.
Message signed, but not encrypted. PGP Desktop will search the local keyring for a public key that can be used to verify the message. If PGP Desktop cannot find the appropriate public key on the local keyring, it will try to search for a keyserver at keys.domain (where domain is the domain of the sender of the message), then the PGP Global Directory (at keyserver.pgp.com), and finally any other configured keyservers. If PGP Desktop finds the right public key at any of these trusted locations, it checks the signature (reporting it as bad if verification fails) and passes the message to your email client annotated with information about the signature; more detail is also written to the Messaging Log. If PGP Desktop cannot find the appropriate public key, it will pass the message to your email client unverified.
Message encrypted and signed. PGP Desktop goes through both of the processes described above: finding the private key to decrypt the message and finding the public key to verify the message.
If PGP Desktop is unable to either decrypt or verify a message, you might want to consider contacting the sender of the message. If the message couldn’t be decrypted, make sure the sender was using your real public key. If the message couldn’t be verified, ask the sender to publish their key on the PGP Global Directory—older PGP versions or other OpenPGP products can access the web version of this directory at https://keyserver.pgp.com, or ask them to send their public key to you directly by email.
When you receive a message that contains a key, PGP Desktop will automatically remember the key for future use. However, note that PGP Desktop will only encrypt by default to keys that are known to be valid. If you didn’t get a key from the PGP Global Directory, you may need to verify its fingerprint with the owner and sign it for it to be used.
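The incoming-message decisions above, as an added example that is not part of the product or this guide: it models the four message cases, the cached-versus-prompted passphrase path, and the public-key search order (local keyring, then keys.<sender domain>, then keyserver.pgp.com, then any other configured keyservers). Key ids, key sources and the assumption that a signed-and-encrypted message must be decrypted before its signature can be checked are all constructed for the model.

```python
from dataclasses import dataclass


@dataclass
class Message:
    """Constructed view of an incoming message as the proxy sees it."""
    sender: str
    encrypted: bool = False
    signed: bool = False
    enc_key_id: str = ""   # id of the private key needed to decrypt
    signer_id: str = ""    # id of the public key needed to verify


def verification_search_order(sender, configured_keyservers=()):
    """Where PGP Desktop looks for a signer's public key, in order."""
    domain = sender.rsplit("@", 1)[-1]
    return ["local keyring", f"keys.{domain}", "keyserver.pgp.com", *configured_keyservers]


def handle_incoming(msg, private_keys, cached_passphrases, public_keys, configured_keyservers=()):
    """Return the list of actions taken on one message.
    private_keys: set of private key ids on the local keyring (constructed)
    cached_passphrases: ids whose passphrase is already in memory (constructed)
    public_keys: dict mapping a key source name to the set of key ids it holds (constructed)"""
    if not msg.encrypted and not msg.signed:
        return ["passed to client unchanged"]
    steps = []
    if msg.encrypted:
        if msg.enc_key_id not in private_keys:
            # Assumption: a signature inside the ciphertext cannot be checked
            # without decrypting, so nothing further is attempted here.
            return ["passed to client still encrypted (no private key on keyring)"]
        if msg.enc_key_id in cached_passphrases:
            steps.append("decrypted immediately (passphrase cached)")
        else:
            steps.append("prompted for passphrase, then decrypted")
    if msg.signed:
        for source in verification_search_order(msg.sender, configured_keyservers):
            if msg.signer_id in public_keys.get(source, set()):
                steps.append(f"signature verified with key from {source}")
                break
        else:
            steps.append("passed to client unverified (no public key found)")
    return steps


# Constructed sample state: placeholder key ids, not real keys.
PRIVATE = {"K-ME"}
CACHED = {"K-ME"}
PUBLIC = {"local keyring": {"S-ALICE"}, "keys.example.org": {"S-BOB"}, "keyserver.pgp.com": {"S-DAN"}}
```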
Outgoing Messages
Email messages that you send can be encrypted, signed, both, or neither. Because you probably have different combinations for different recipients or email domains, you need to create policies for all of your outgoing email message possibilities. Once correct policies are in place, your email messages are protected automatically and transparently.