PGP encrytped link on website

craig.mckune's Avatar


07 Dec, 2011 03:19 PM

We want to create an email link on our website so that those using PGP encryption can contact us securely. Is this possible?

  1. Support Staff 1 Posted by Luke Le on 07 Dec, 2011 03:24 PM

    Luke Le's Avatar

    Hi there again :)

    How exactly do you want that to work?
    As you can see on our website under
    we have a contact form.
    Once you enable the "private message" checkbox the message is encrypted using JavaScript to our GPGTools key.
    It's a proof of concept but it works pretty well already for trivial scenarios.

  2. Support Staff 2 Posted by Luke Le on 07 Dec, 2011 03:27 PM

    Luke Le's Avatar

    A different option would be to post a link to your public GPG key on your website, so those who want to contact you can import it and send you an encrypted email from their mail client

  3. 3 Posted by craig.mckune on 07 Dec, 2011 03:46 PM

    craig.mckune's Avatar

    Hi again.

    Whatever the most simple option is would be best.

    As is we have a tip-off button on our website ( which simply opens a new email where people can type in their note and send.

    We want a second, encrypted option for those with more sensitive information, that works in much the same way. It would probably need an explanation link alongside it for those that don't use PGP keys.

    I see on your website at the bottom I can click a link to import your key. I did that, and then I tried to email to the key address, however the encrypt button is greyed out. So I'm not sure how this works.

    I'm struggling to visualise the best way to do this


  4. 4 Posted by craig.mckune on 07 Dec, 2011 03:53 PM

    craig.mckune's Avatar

    To be a little clearer, our sources often don't want it to be known - to anybody who might be snooping through our data - what they are telling us, or that they are contacting us at all. So the tip-off info is not seen publicly as is, it just goes straight to our mailboxes. But those can be compromised.

  5. Support Staff 5 Posted by Luke Le on 07 Dec, 2011 03:58 PM

    Luke Le's Avatar

    There's a downside to the email option, that is, the user has to have installed any sort of GPG plugin and you need a tutorial to document the procedure.
    It might not be too hard, considering the people sending in information have some IT skills.

    The web form simplifies the whole process in the form that the user don't need to have any knowledge about how to send you the information but simply fill out a web form and attach some documents, which are sent to you in an encrypted form.

    Of course that requires a lot more work and development knowledge on your site or someone who's willing to implement it.

    That it didn't work for you with the email option might be a bug in our GPGMail 2.0 alpha version or be simply due to the fact, that you didn't restart before trying to send an encrypted message, which is necessary at the moment, after you've imported a public key.
    In future versions new public keys will be available to GPGMail without restarting.

  6. Support Staff 6 Posted by Luke Le on 07 Dec, 2011 04:14 PM

    Luke Le's Avatar

    We've received the encrypted and signed email as expected.

  7. 7 Posted by craig.mckune on 07 Dec, 2011 04:29 PM

    craig.mckune's Avatar

    Right. Bug understood and sidestepped. It takes a while to mobilise the developers. So I can simply create an email address and a key for our team (the ones using PGP), post that link. Whistleblowers that use PGP will be fine. We can link to a tutorial for those that don't but are determined. It should do for now.

  8. Support Staff 8 Posted by Luke Le on 07 Dec, 2011 04:32 PM

    Luke Le's Avatar

    Exactly, that's the easiest, most reliable and fastest way to go about it.
    Should also work best with bigger attachments.

  9. Alex closed this discussion on 16 Dec, 2011 12:53 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac