SELS

About NCSA Projects User Info News

University of Illinois
at Urbana-Champaign

sels

SourceForge.net Logo

Download SELS brochure

SELS Brochure

Subscriber

Quick links: Prerequisites Usage
A Subscriber subscribes to OR is invited by a List Moderator to subscribe to a list, hosted on the SELS List Server. A subscriber does NOT need to download the SELS code.

By following these instructions, you will be able to subscribe to a SELS list and obtain the necessary keys to send and receive encrypted messages.

Prerequisites

  1. Install the latest version of GnuPG for your OS. ( Linux/Unix, MacOS or Windows)
  2. Install a mail client with an appropriate GnuPG plugin. Click here for supported clients.
  3. It is recommended that you sign encrypted messages going to the list. Use your existing GnuPG key pair for signing and verification or generate a new one. Disable any saved passwords on the GnuPG email client plugin, to avoid confusion.

Usage

    Let us say you want to subscribe to the secure email list mylist and your email address is testusr@pkirack1.ncsa.uiuc.edu. To do so, please follow these steps.

  1. Subscribing to a Secure Email List

    Go to the list page and subscribe to a list using your email address, testusr@pkirack1.ncsa.uiuc.edu. On receiving an email from the List Server, you must confirm your subscription either by replying to the email or following a web link provided in the email. On successful subscription you will receive an acknowledgement email from the List Moderator. Alternatively the List Moderator may invite you to join a list.

  2. Receiving Keys for the List

    You will receive four emails from the List Moderator. Note that the List Moderator executes some manual steps before sending you these emails, therefore, please allow for some time during business hours for these emails to be sent.

  3. Step1

    The first email with subject "Instructions for setting up keys for mylist testusr(mylist)<testusr@pkirack1.ncsa.uiuc.edu>
    subscribed to list mylist"
    contains instructions to follow for the next two emails the subscriber is going to receive.

    Step 2

    The second email with subject "LM public key mylist testusr(mylist)<testusr@pkirack1.ncsa.uiuc.edu>" contains the signature verification key (public-key) of the List Moderator.

    Step 3

    The third email is a passphrase encrypted message with subject "Accept mylist testusr (mylist) <user@pkirack1.ncsa.uiuc.edu>" from the List Moderator. This email contains four keys, which you require for using SELS. These keys are your individual decryption and encryption keys (for the list), the list encryption key and List Server Administrator's signature verification key.

  4. Installing Keys for the List

    Step 2

    You must import the List Moderator's signature verification key, contained in the first email message, into your GnuPG keyring in order to verify the signature on the second message. To do so, save the first email message to a file, say foo.gpg. Then execute the command gpg --import foo.gpg . A sample execution is shown below:

    $ gpg --import foo.gpg 
    gpg: key DA73F75J: public key "Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>" imported 
    gpg: Total number processed: 1
    gpg:               imported: 1

    Note the key-id of the key imported which is DA73F75J in the example shown above.

    Note : You might be able to import the key using the email client user interface and not have to use command line depending on the email client and PGP plugin you are using. Some email clients and plugins (e.g., Thunderbird with Enigmail, Mac Mail with Mac GPG) allow for importing of keys directly from the email client interface while others ( e.g., Mutt, Emacs) don't.

    We recommend you place 'full trust' in the imported List Moderator's key in your GnuPG keyring and then sign it locally prior to its use.

    Note : If you do not want to place full trust in this key then please look at this FAQ item.

    To do so you need to execute the command gpg --edit-key keyID where keyID is the 8 character hexadecimal key identifier of the key you just imported (which you noted above). This keyID can also be determined by executing the command gpg --list-keys and looking for the key with name containing the the List Moderator's email-id.

    Note: Prior to placing 'full trust' in this key it is recommended that you authenticate it, for example, by crosschecking the fingerprint ( using command gpg --fingerprint keyid or as shown below) of the key with the list moderator by some out-of-band like telephone
    . A sample execution is shown below:
    $ gpg --list-keys 
    /home/testusr/.gnupg/pubring.gpg 
    --------------------------------- 
    pub  1024D/DA73F75J 2006-10-31
    uid                 Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>
    sub  1024g/FF67EAC8 2006-10-31
    .
    .
    .
    
    $gpg --edit-key DA73F75J
    pub  1024D/DA73F75J  created: 2006-10-31  expires: never       usage: SC
                         trust: unknown       validity: unknown
    sub  1024g/FF67EAC8  created: 2006-10-31  expires: never       usage: E
    [ unknown] (1). Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>
    
    Command> fpr
    pub  1024D/DA73F75J 2006-10-31 Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>
     Primary key fingerprint: 2B47 2121 93C3 5495 95D8  585C 72DC 9142 DA73 F75J
    
    Command> trust
    
    pub  1024D/DA73F75J  created: 2006-10-31  expires: never       usage: SC
                         trust: unknown       validity: unknown
    sub  1024g/FF67EAC8  created: 2006-10-31  expires: never       usage: E
    [ unknown] (1). Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>
    
    Please decide how far you trust this user to correctly verify other users' keys
    (by looking at passports, checking fingerprints from different sources, etc.)
    
      1 = I don't know or won't say
      2 = I do NOT trust
      3 = I trust marginally
      4 = I trust fully
      5 = I trust ultimately
      m = back to the main menu
    
    Your decision? 4
    Do you really want to set this key to full trust? (y/N) y
                                                                
    pub  1024D/DA73F75J  created: 2006-10-31  expires: never       usage: SC
                         trust: full     validity: unknown
    sub  1024g/FF67EAC8  created: 2006-10-31  expires: never       usage: E
    [ unknown] (1). Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>
    Please note that the shown key validity is not necessarily correct
    unless you restart the program.
    
    Command> q
    $
    gpg --default-key CB4J862D  --lsign-key DA73F75J
    
            
    Step 3

    You must now decrypt the second email message, verify the signature on it and them import the four keys contained in the message to your GnuPG keyring.

    To decrypt the email message you require a passphrase. This passphrase will be given to you out-of-band by the List Moderator; e.g., in person or via a telephone call. Once you receive the passphrase save the email message to a file say enc_msg.gpg,. Now, execute the following GnuPG command to decrypt the message and use the passphrase provided by the List Moderator, when prompted.

    gpg --decrypt enc_msg.gpg > keys.gpg

    To verify the LM's signature on this email, and decode the keys sent by the LM execute the following GnuPG command. NOTE: To verify the signature on this message you need the LM's signature verification key (public-key) that you received in the first message.This command will fail if you haven't imported the key from the first message.

    gpg --decrypt keys.gpg > keys

    Make sure the signature verification succeeded before importing the keys using the following command:

    gpg --import --allow-secret-key-import keys

    These steps along with a graphical illustration are provided here. A sample execution is shown below.

    $gpg --decrypt enc_msg.gpg > keys.gpg 
    gpg: CAST5 encrypted data
    Enter passphrase:
    gpg: encrypted with 1 passphrase
    gpg: WARNING: message was not integrity protected
    
    $gpg --decrypt keys.gpg > keys
    gpg: Signature made 11/1/06 15:13:32 using DSA key ID DA73F75J
    gpg: Good signature from "Test Moderator <test_mod@pkirack1.ncsa.uiuc.edu>"
    
    $gpg --import --allow-secret-key-import keys
    gpg: key AC0ED7B5: public key "testusr (mylist) <testusr@pkirack1.ncsa.uiuc.edu>" imported
    gpg: key AC0ED7B5: secret key imported
    gpg: key AC0ED7B5: "testusr (mylist) <testusr@pkirack1.ncsa.uiuc.edu>" not changed
    gpg: key 00F3CC43: public key "LK (mylist) <mylist@pkirack1.ncsa.uiuc.edu>" imported
    gpg: key 2D7533B2: public key "selsadmin <selsadmin@pkirack1.ncsa.uiuc.edu>" imported
    gpg: Total number processed: 4
    gpg:               imported: 3
    gpg:              unchanged: 1
    gpg:       secret keys read: 1
    gpg:   secret keys imported: 1
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0  valid:   1  signed:   2  trust: 0-, 0q, 0n, 0m, 0f, 1u
    gpg: depth: 1  valid:   2  signed:   3  trust: 2-, 0q, 0n, 0m, 0f, 0u
    
    $

    We STRONGLY RECOMMEND changing the password for your list decryption key, to be the same as your own GPG signature key for ease of use. Otherwise you will have to enter different passwords for sending and receiving messages. Either use your GPG plugin's key management interface or the GPG command gpg --edit-key key-id where key-id is the one you have noted in the above step. Type passwd at the command prompt and follow instructions. The initial password is the password you used to decrypt the email message above. Type quit at the command prompt to exit. A sample exeuction is shown below:

    $gpg --edit-key DA73F75J
    pub  1024D/DA73F75J  created: 2006-10-31  expires: never       usage: SC
                         trust: unknown       validity: unknown
    sub  1024g/FF67EAC8  created: 2006-10-31  expires: never       usage: E
    [ unknown] (1). Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>
    
    Command> passwd
    Key is protected.
    
    You need a passphrase to unlock the secret key for
    user: "Test Moderator <test-mod@pkirack1.ncsa.uiuc.edu>"
    1024-bit DSA key, ID DA73F75J, created 2006-10-31
    
    Enter passphrase:
    
    Enter the new passphrase for this secret key.
    
    Enter passphrase:
    Repeat passphrase:
    
    Command> q
    Save changes? (y/N) y
    
    $
    Email 4

    The fourth email with subject "Update for user testuser (mylist)<testuser@pkirack1.ncsa.uiuc.edu> of list mylist" is a notification for the user, that his corresponding (or proxy) keys have been generated at the List Server. If a user does not get this information, he should contact the List Moderator.

  5. Sending and Receiving Secure Emails

    You are now ready to send and receive secure emails. SELS lists support messages composed as text/plain and PGP MIME messages. Currently messages composed as HTML are NOT supported. SELS also supports attachments as described here.

    The email address for the list will be mylist@pkirack1.ncsa.uiuc.edu. When sending an email to the list, you must choose the encrypt option from the email client menu (or encrypt command depending on the email client). The encryption key will be chosen automatically from the keyring. You can additionally choose to sign the email message, for integrity purposes.

    On receiving a secure email you must decrypt the email to see its contents. To do so your email client will ask for a passphrase that unlocks your decryption key. You can also configure the email client to automatically decrypt incoming email for some clients. You may subscribe to more than one secure email list.

  6. For a guide with screenshots for Thunderbird with Enigmail go here
    For a demo movie showing use of Thunderbird with Enigmail go here

    Guide with screenshots for Macmail with GPGMail coming soon !


    Copyright 2000-2008 Board of Trustees of the University of Illinois.