Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

hushmail handout

advertisement 
MULTIMEDIA TRAINING KIT
HUSHMAIL HANDOUT
Developed by: Roberto Soriano for APC
MULTIMEDIA TRAINING KIT ............................................................................................................................ 1
HUSHMAIL HANDOUT ..................................................................................................................................... 1
About this document .......................................................................................................................................... 1
Copyright information ......................................................................................................................................... 1
Introduction ........................................................................................................................................................ 1
Setting-up your Hushmail account ..................................................................................................................... 2
Accessing your Hushmail account ..................................................................................................................... 7
Composing and sending e-mails ....................................................................................................................... 8
Reading and replying to received e-mail messages ........................................................................................ 11
Key management............................................................................................................................................. 13
About this document
These materials are part of the Multimedia Training Kit (MMTK). The MMTK provides an integrated set of
multimedia training materials and resources to support community media, community multimedia centres,
telecentres, and other initiatives using information and communications technologies (ICTs) to empower
communities and support development work.
Copyright information
This unit is made available under the Creative Commons Attribution-NonCommercial-ShareAlike License. To
find out how you may use these materials please read the copyright statement included with this unit or see
http://creativecommons.org/licenses/by-nc-sa/1.0/legalcode
Introduction
Hushmail is a browser based e-mail system that has a built in encryption engine. Since Hushmail is browser
based, you do not need to install any other program, all you need is a browser and an Internet connection.
Hushmail’s encryption engine provides automatic encryption and description of your outgoing and incoming
e-mail messages.
Below are some of Hushmail's advantages and disadvantages:
Advantages
0
0
0
0
0
Can be accessed anywhere because it is web-based
Key management is done by the Hushmail system
Private keys are portable across different applications (PGP, CryptoAnywhere, or any other OpenPGP
compliant application)
Free (with limited e-mail storage)
Can be used to communicate with non Hushmail users
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
1
Disadvantages
0
0
0
0
0
If accessing Hushmail from unknown/insecure systems such as internet cafés, passphrase or password
might be compromised (system might be installed with key logging programs).
Does not work very well with a slow internet connection (times out often)
Dependent on Hushmail system availability.
E-mails copied or transferred to your hard disk from the Hushmail site are no longer encrypted.
Your contacts should ideally also have Hushmail accounts
Setting-up your Hushmail account
0
Go to the Hushmail website: http://www.hushmail.com/
Click on this
section to
view more
information
about
hushmail
Click here to
start the setup of your
hushmail
account
0
Clicking on the “go” button in the Hushmail sign up section displays the next page. This page displays
the Hushmail Terms of Service and the option to choose your own username or allow the Hushmail
system to automatically generate a user name for you.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
2
Please read
this section
for the
Hushmail
Terms of
Service
In this
textbox type
in your
desired
username
and click the
continue
push button
Click on this
push button if
you want
hushmail to
automatically
assign you a
username
0
Clicking on the “Continue” button form the previous page loads the Hushmail encryption engine and
displays the status page as seen below.
0
After a few seconds a pop up box appears providing you with a security certificate. This security
certificate indicates that the applet currently running on your system is coming from Hush
Communications. The pop up box also indicates Thawte Consulting (http://www.thawte.com) as the
verifying authority for this certificate.
To continue click on the “Yes” button.
0
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
3
Click here to
know more
about the
security
certificate
Click on the
yes push
button to
continue
0
0
0
Clicking on the “Yes” button displays the page as shown below. This page prompts you to enter your
passphrase.
The passphrase that you choose will be used every time you access Hushmail to send and receive your
e-mails.
Visit http://www.diceware.com for more information on choosing a secure passphrase.
Enter your
passphrase
in the boxes
0
0
After entering your secure passphrase and clicking on the “Create account” button, a window applet
appears on your screen as shown below.
You will need to move your mouse pointer inside the box provided by the applet to generate your
secure keys.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
4
Move your
mouse
pointer
inside this
box
Progress
graph
indicator
0
0
When the progress graph indicator fills, a pop up box appears (as shown below) prompting you to
proceed with account creation.
Click on the “OK” button.
0
Your account has been successfully created when the pop up box appears as shown below.
0
If you are using Internet Explorer a pop-up will ask if you want Hushmail added to your Favorites.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
5
0
0
Clicking on “OK” or the “Cancel” button (as shown in the previous page) displays the next page as
shown below.
For a fee you can have access to expanded services such as a larger mailbox and technical support.
Information
on
hushmail's
subscription
services
0
Scroll down to the bottom of the page if you choose to use only Hushmail's free e-mail service and
click on the “click here to continue with a Free Account (without paying)” button.
Click here to
use
Hushmail’s
free e-mail
service
0
If you choose to use Hushmail's free service at this point, the next page appears below prompting
you for your passphrase so you can start using your Hushmail e-mail account.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
6
Accessing your Hushmail account
0
Since Hushmail is a browser-based service, you will only need a web browser application and a
computer connected to the Internet to be able to get to your Hushmail account. This means that you can
access your Hushmail account via an Internet cafe or through any other computer that can access the
internet.
0
Go to the Hushmail website: http://www.hushmail.com/
Enter your
login in
the box,
and click
on the
arrow
0
The next page that will be displayed (see below) invites you to look into the subscription services
provided by Hushmail. To use only the free e-mail service, click on the “click here to continue with a
Free Account (without paying)” button.
Click here to
access your
free email
service
0
An indicator page will be displayed showing the loading progress of the Hush Encryption Engine.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
7
0
When the encryption engine has finished loading, you will be prompted to enter your passphrase in
the following page that will be displayed.
Enter your
passphrase in
this textbox
and click on
the
“Authenticate”
push butto
0
When you have been authenticated, the next page appears below, displaying your E-mail
Workspace.
Message/Contacts
management
buttons.
What is displayed
depends on the
curretly selected
Action Links
Folder
management
buttons
Folders
display list
area.
Clicking on a
folder
displays that
folders
contents in
the email/file
display area
Email/File
display area.
Lists the
contents of
the currently
active folder
View and
access tips
on using
hushmail in
this section
Composing and sending e-mails
0
To compose an e-mail message click on the “Compose” link on the Action Links section.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
8
Action Links
section
Click “Compose” to
create a new email
message
The Compose window
0
When you click on the “Compose” link, the Compose window appears on your desktop like the one
below.
Compose
options
buttons
Recipients
textboxes
Email
sending
options
check boxes
Email
message
subject
textbox
Message
Body Area
Compose options buttons
o
o
o
o
o
Send - Click to send e-mail message.
Draft - Click to save e-mail message in the Drafts folder (if saving an e-mail message as a
draft for the first time, click on “Chek Mail” on the Action Links Section on the E-mail
Workspace to display the Drafts folder in the Folders Display List Area).
Template - Click to save e-mail message as a template in the Templates folder (if saving an
e-mail message as a template for the first time, click on “Chek Mail” on the Action Links
Section on the E-mail Workspace to display the Templates folder in the Folders Display List
Area).
Attach - Click to attach a file to your e-mail message.
Cancel – Click to cancel your e-mail message composition.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
9
Recipients textboxes
Please note that if you are sending to non-Hushmail users you cannot encrypt your messages, you
can only sign your messages. You can only send encrypted messages to non-Hushmail users if you
have previously uploaded your recipients public key to the Hushmail key server. Also, your recipient
should confirm that she/he agrees to upload her/his public key to the Hushmail key server.
Uploading public keys will be discussed in the succeeding sections.
o
o
o
To: - Enter the e-mail address of your e-mail recepient/s.
Cc: - Enter other e-mail address/es that you want furnished with your e-mail message.
Bcc: - Enter other recipient/s e-mail address you want furnished with your message. E-mail
address/es entered in this textbox will be not be seen by the other recipient/s when they
receive a copy of your message.
E-mail sending options check boxes
o
o
o
o
Encrypt Message - Encrypts your e-mail message with the public key of your recipient/s.
Sign Message - Signs your e-mail message with your private key.
Save to Sent Folder - Saves a copy of your message to the Sent Folder.
Request for Receipt – Checking this box sends an e-mail back to you indicating that your
message have been received by your recipient/s.
Attachment list area
o
Attachments – List and manage the files that you have attached with your e-mail message.
When you have finished composing your e-mail message and have already decided on the different sending
options you can click on the “Send” button.
Click here to
send your
message
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
10
0
The pop up box below will appear if your intended recipient/s is/are not Hushmail user/s or your
recipient/s public keys have not yet been uploaded onto the Hushmail keyserver. Clicking on the “OK”
button sends your message in unencrypted form or in plain text.
0
When sending e-mail messages to Hushmail user/s or recipient/s whose public key/s have aleady been
uploaded onto the Hushmail keyserver, the message body is encrypted and shown on screen (see
window below) before it is sent out.
Message
body in
encrypted
form
Reading and replying to received e-mail messages
Shown below is your e-mail workspace displaying your received messages. Every time you log on to
Hushmail the E-mail/File display area displays the contents of your Inbox Folder by default. When you click
on an e-mail message it will be displayed in the Message Body Area.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
11
When the
Encrypted box is
checked, this
indicates that the
message that was
sent to you is
encrypted.
This also indicates
that the sender is a
hushmail user or
the sender's public
key has already
been uploaded to
the hushmail
keyserver.
Email/File
area
displaying
the contents
of your Inbox
Folder
Message
Body Area.
Shows the
contents of
the currently
selected
email
message
File Attachments
Area.
You can choose to
save or delete the
attachment that
came with the
message.
0
When you click on the “SAVE” button in the File Attachments Area, a pop up box appears (see below)
indicating that the attachment was saved into your defined folder. It also indicates that the the file
signature was verified. File signature verification is only available if the sender is a Hushmail user or
her/his public key has already been uploaded to the Hushmail keyserver.
0
Below is a sample of an unencrypted e-mail message. Notice the unchecked “Encrypted” box.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
12
0
When you save an unencrypted attachment a pop-up box (see below) appears indicating that the file
was saved successfully into your defined folder. Notice the non display of the signature verified line.
0
To reply to a message go to the Message/Contacts management buttons.
Click here to reply to
currently selected
message
0
Message/Contacts
management buttons
After clicking on the “REPLY” button the compose window appears so you can start entering your
message (review Exercise 03: Composing and sending e-mails).
Compose
options
buttons
Recipients
textboxes
Email
sending
options
check boxes
Email
message
subject
textbox
Message
Body Area
Attachement
list area
Key management
0
0
To be able to securely communicate with non Hushmail users you should upload your contacts’ public
keys onto to the Hushmail keyserver.
To upload your contacts public keys, go to the Action Links Section (as shown below) on your E-mail
Workspace and click on “Hushtools”.
Click here to open
hushtools in a new
window
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
13
0
0
You can also enter http://www.hushtools.com into your web browser to go directly to Hushtools.
User login is not required to use this service.
0
Once the Hushtools window (see above) appears, click on the “Key Management” link on the Action
Links Section (see below).
Click here to
access the “Upload
a public key” link
0
Hushtools window showing the “Upload public key” link.
Click here to
upload a public
key
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
14
0
Shown below is the “Upload a public key” window.
Paste your
contact's public
key text in this
area
When finished
pasting a public
key, click on
this push button
to upload the
key on to the
hushmail
keyserver
0
0
0
There are several ways to get a public key from your contact. She/he can mail the file to you as an
attachment or it can be sent to you in the body of an e-mail message.
In either case, before trusting the public key make sure that this key has been provided to you by the
person who owns the public key.
The example below shows a public key file being opened in a text editor for uploading onto
Hushmail's keyserver.
Public key file
0
0
The email
address
associated with
public key
appears on this
drop down list. If
more than one
email address is
associated with
the public key
you can choose
what email
address to use.
Select the
public key file
and right click
on the mouse to
open the key in
a text editor
A sample of a public key file opened in a text editor program.
You can now select and copy the contents of the public key.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
15
0
Click back on the Upload a public key window.
Right click on
your mouse in
this area and
select “Paste”
from the menu
to put in this
area your
contact's public
key
0
Shown below is the Upload a public key window with your contacts public key pasted and ready for
upload.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
16
Public key
pasted
Click on this
push button to
upload the
public key
0
0
Email address
associated with
the public key
After clicking on the “Upload public key” button a pop up box appears confirming the successful
upload of the public key.
The pop up box also indicates that an e-mail message will be sent to the owner of the public key for
confirmation. (see succeeding sections for activating an uploaded public key)
Click “OK” to
finish
0
0
Once you have uploaded a contact's public key, an e-mail message will be sent by Hushmail to
the owner of the public. This e-mail requests confirmation for the uploading of the key and
provides the steps for the activation of this key.
A sample of the e-mail request appears below.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
17
Email request
confirmation
from hushmail
0
0
Show below is the contents of the e-mail request, supplying a link to the Hushmail website to be
able to activate the public key.
Please read through the message for more details.
Link to hushmail
website for
public key
activation
0
0
After clicking on the link in the e-mail message body, the link opens on a new window with
details on the how to activate the public key (see below).
Please read through the page for more details.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
18
Click on one of
the push
buttons on this
page to activate
or not to
activate your
public key
0
Once you have activated your public key a confirmation message appears on the Hushmail
website as shown below.
Some notes:
0
0
0
0
0
If you already have a public key but are not a Hushmail user you can still upload your public key
onto the Hushmail keyserver so Hushmail users can communicate with you securely.
When uploading a contact's public key onto the Hushmail keyserver. It is good practice to inform
your contact that you have uploaded her/his public key.
Some of your contacts may prefer not to use Hushmail but may wish to communicate with you
securely.
The next section shows you how to export your Hushmail public key for transmission to your non
Hushmail contacts.
To export your public key click on the “Preferences Link” as shown below. You need to be
logged onto your Hushmail account to be able to do this.
Click here to display
the Export Encryption
Keys link
0
Clicking on the “Preferences” link displays the page below.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
19
Click here to
jump to the
Export
Encryption
Keys section
0
The Export Encryption Keys section is shown below.
Click here to
export your public
key to a file on
your harddisk
Click here to
export your
private and
public key to
a file on your
harddisk
Enter your
passphrase to be
able to export your
keys
0
A pop up box appears (see below) when you click on the “Export Private Keys” button. This pop
up box provides a warning when you decide to export your private keys. Please read carefully.
Some notes on exporting private keys
0
0
0
You should be careful when exporting your private keys, when others get hold of your private
key, you are no longer secure.
You should only export your private key when you will be using it with other OpenPGP
compatible applications such as PGP or CryptoAnywhere.
When you export your private key make sure that you locate this in a secure place.
533583579
Last updated 9 March 2016
Available online from http://www.itrainonline.org/itrainonline/mmtk/
20
Related documents
Review: Hushmail - Encrypted Webmail Author: Chris Jones
Review: Hushmail - Encrypted Webmail Author: Chris Jones
Email Encryption Form - Sheryl R Jacobs, Ph.D.
Email Encryption Form - Sheryl R Jacobs, Ph.D.
Secure Email Instructions Receiving a Secure Email
Secure Email Instructions Receiving a Secure Email
Hushmail Business Web Mail Customization What Do I Need
Hushmail Business Web Mail Customization What Do I Need
HushMail Test Environment
HushMail Test Environment
Hushmail
Hushmail
international common law notice & cease and desist order
international common law notice & cease and desist order
Download
advertisement