.. is to get your keys from a CA | certificate authority (Wikipedia). There are a some commercial ones and there’s one non-profit one – CACert (http://www.cacert.org).

From CACert you can get certificates for your emails, domains, servers (webservers, mail servers,…), etc… For free! What do you have to do to use it, especially with Thunderbird? Well, follow the following instructions:

1. Create an account at CACert

2. Verify your email address

3. Create a certificate for this email address

4. After creation click the link “install certificate” – now the certificates (private key, public key) are stored in the browser cache. If you’re using firefox, you can save those certificates (options -> security -> certificates)…

5. Save the certificates to your harddrive.

6. Save the root certificates of CACert (class 1 and class 3) from this page to your harddrive as well.

7. Open Thunderbird, Menu: Extras -> Settings -> Certificates. Click on the tab certificate authorities, then import both root certificates. Afterwards clock on the tab “your certificates” and import – well, your certificate!

Done!

Now you can sign or|and encrypt emails and 1. you don’t have to use enigmail/opengpg anymore and 2. you are using trusted certificates rather than some pgp key from some pgp server.