Take control of key management with the Mailfence OpenPGP keystore
The secure and private Mailfence e-mail service comes with an easy-to-use integrated keystore that supports a wide range of features for OpenPGP key management. In this post, we discuss the features of the OpenPGP keystore and its use cases. Whether you use end-to-end encryption and/or Mailfence's digital signature feature, you can use Mailfence as an easy-to-use web-based keystore. Why? Because Mailfence is fully interoperable and gives users full control over their OpenPGP keys!
Generate a key pair
- Generate a strong key pair (4096 bits by default) – encrypted with your passphrase.
- It will be associated with the "chosen" email address and the provided name will become your UID (User ID).
- Multiple key pairs can be generated for a single email address.
Export the generated key pair
- Export your Mailfence key pair (with a default sub-ID) in .asc format and use it with any other OpenPGP-compliant solution.
See the details of your key pair
- At any time, you can see the keys and note the important details:
  - First name / Last name with the associated key IDs.
  - Creation date / expiration date.
  - Key ID and fingerprint.
Access your key pair from any device
- Define a passphrase to protect your keys (with our zero-knowledge encryption infrastructure): All encryption / decryption processes are done in your device’s browser.
- Import and export your key pairs safely in our OpenPGP keystore via our web interface and access it from any device.
Change the expiration date of your key
- Change the expiration date of your key pair. This can be done whether the key pair is still valid or has already expired.
- Set your key pair to "do not expire".
Edit your private key passphrase
- Change your passphrase at any time. Choose a strong password!
Generate a revocation certificate
- Generate a revocation certificate right after generating your key pair, or at any later point.
- Save it in your Mailfence documents or download it to your device.
Revoke your key pair
- Revoke your key pair directly and publish your revocation certificate on the public key servers.
- You can also revoke it without publishing the revocation certificate on the public key servers.
Manage multiple key pairs
- Import / generate multiple key pairs and use them simultaneously for encryption and digital signing.
- You can even have multiple key pairs associated with the same email ID.
Direct connection with public key servers
- Publish your public key on the public PGP key servers.
  - Note: This is a "one-way process". It includes the publication of your Mailfence account, your e-mail address, your first and last name or any other associated identifier. Be careful, because you cannot go back. You will NOT be able to cancel the publication of your public key on the public key servers, nor modify your personal data.
- Publish your public key updates (expiration date, revocation, …).
- Import other OpenPGP public keys directly from the public key servers and check for updates. You can also download them to your device.
Send your public key with a digitally signed e-mail
- Send your public key by e-mail and digitally sign this e-mail. This will allow your recipients to validate that you are the claimed owner of your key pair.
Check the authenticity of the public keys
- Check the fingerprint of a public key (obtained through an additional channel such as the phone, a face-to-face meeting, …) against the existing public keys in your keystore.
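What that fingerprint check compares, as an added example (not Mailfence's code): the sketch computes an OpenPGP version 4 fingerprint from binary (de-armored) key data, accepting both old and new packet header formats, and matches it against a fingerprint received out of band. The function names and the sample packet are constructed for illustration.

```python
import hashlib

def first_public_key_body(data: bytes) -> bytes:
    """Return the body of the first Public-Key packet (tag 6) in binary OpenPGP data."""
    pos = 0
    while pos < len(data):
        hdr, pos = data[pos], pos + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[pos]
            if first < 192:
                length, pos = first, pos + 1
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
            elif first == 255:
                length, pos = int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
            else:
                raise ValueError("partial body lengths are not handled")
        else:                               # old-format header
            tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)
            if size == 8:
                raise ValueError("indeterminate length is not handled")
            length, pos = int.from_bytes(data[pos:pos + size], "big"), pos + size
        body, pos = data[pos:pos + length], pos + length
        if len(body) != length:
            raise ValueError("truncated packet")
        if tag == 6:
            return body
    raise ValueError("no public-key packet found")

def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the two-octet body length, and the packet body (RFC 4880, 12.2)."""
    if body[:1] != b"\x04":
        raise ValueError("only version 4 keys are handled")
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest().upper()

def fingerprint_matches(key_data: bytes, out_of_band: str) -> bool:
    """Require all 40 hex digits; a short or long key ID is not an authenticity check."""
    wanted = "".join(out_of_band.split()).upper()
    return len(wanted) == 40 and wanted == v4_fingerprint(first_public_key_body(key_data))

def constructed_sample_key() -> bytes:
    """Constructed test input: a v4 RSA-shaped packet with filler bytes, not a real key."""
    n = bytes([0xC3]) + bytes(range(1, 32))          # 256-bit filler "modulus"
    body = (b"\x04" + (1500000000).to_bytes(4, "big") + b"\x01"
            + (256).to_bytes(2, "big") + n + (17).to_bytes(2, "big") + b"\x01\x00\x01")
    uid = b"Alice Example <alice@example.org>"
    return b"\x99" + len(body).to_bytes(2, "big") + body + bytes([0xB4, len(uid)]) + uid
```

Spacing and letter case in the out-of-band string are ignored, so a fingerprint read aloud in groups of four compares correctly.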
An OpenPGP keystore that gives you real freedom
Finally, you can use all of these OpenPGP keystore features without using the OpenPGP-based end-to-end encryption and digital signature features of Mailfence. Use Mailfence as a friendly online OpenPGP keystore. Simply create an account and import your existing OpenPGP key pair or create one using our keystore. We give our users absolute freedom in OpenPGP key management. In addition, we do not confine them in our own digital island, and we offer total interoperability and reversibility (you can export your key and encrypted data at any time).
With Mailfence, you no longer need command lines or complex commands to manage OpenPGP keys. Gone are the platform-specific graphical user interfaces full of bugs and plug-ins. Mailfence has taken up the challenge of offering key management in an easy-to-use web interface. We believe that "privacy is a right, not a feature", and that everyone should have access to secure and private email!