Using Outlook with PGP

Installation

1. Install PGP Desktop Email http://www.pgp.com/products/desktop_email/index.html
; a 30-day trial is also available: http://www.pgp.com/downloads/desktoptrial/desktoptrial2.html. NOTE: Administrative privileges will be required.
2. Create keypair when prompted, unless you already have one. If you already have public and/or private keys, you should import them after PGP is installed - attempts to use existing keys during initial PGP configuration failed during testing.

Configuration

1. If you already have private and public keys from a separate installation of GPG or PGP:
   1. Export private and public keys from previous GPG/PGP installation.
   2. In your new PGP Desktop installation, click on PGP (the padlock icon) in the System Tray and select Open PGP Desktop.
   3. Click PGP Keys in the left-hand columnn, then File -> Import.
   4. Select the file to which your private key was exported.
   5. Select the private key(s) you wish to import, then click Import.
   6. Repeat the import process for your public keys.
2. Open Outlook and send a message to your Exchange account. PGP will open a window for you to confirm that you wish to have it auto-configure for your email account. If Outlook appears to be hanging, the most likely cause is that this PGP window is open and waiting for your confirmation.
3. From System Tray, open PGP Desktop.
4. Under PGP Messaging, select your email address.
5. In the Security Policies section, select Edit Policies.
6. Select the last one (Opportunistic Encryption), then select Edit Policy...
7. Change the dropdown list from "if any" to if none to disable the policy; click OK.
8. With Opportunistic Encryption selected, click Duplicate Policy... and then Edit Policy....
9. Change Policy as follows:
   • Description: Sign by Default
   • "If none" -> "If any"
   • Remove "Encrypt" as the action to perform on the message, leaving just "Sign."
   • Click OK.
10. Move order of policies to this:
    1. Require Encryption
    2. Mailing List Admin Requests
    3. Mailing List Submissions
    4. Sign by Default
    5. Opportunistic Encryption
11. Click Done.
12. Exit PGP Desktop (if desired).

Use

• All messages will be PGP-signed (assuming PGP is configured as described above).
• To encrypt a message:
  • put [PGP] in the subject; or
  • set Message Sensitivity to confidential.
• To populate your keys with frequent correspondents (to verify their signatures and encrypt messages to them):
  • In PGP Desktop in the left-hand column under PGP Keys click Search for Keys
  • Search for the desired email address; and
  • Right-click the key, and select Add To -> All Keys.

Caveats

• PGP Desktop Email supports Outlook 2007 SP1 and Outlook 2003 SP3.
• Testing was done in March 2009 with PGP Desktop 9.9 and Outlook 2007 SP1 on Windows XP SP2 and SP3.

Last updated: Thursday, March 19, 2009