Encryption And Signatures

Cone includes supports for encryption and digital signatures. GnuPG (http://www.gnupg.org) must be installed in order to use encryption and digital signatures.


Cone uses a newer MIME-based format for encrypted and signed messages. Cone does not recognize or use the older inline-formatted messages (this is where the text messages contain keywords like BEGIN PGP SIGNED MESSAGE).

MIME encryption and digital signatures

At this time Cone provides basic encryption, decryption, signature creation, and signature verification functionality. Key management (like creating and signing keys) must still be done with GnuPG.

Signing and encrypting messages

When GnuPG is installed, two additional options become available after pressing CTRL-X to send a message:


Pressing S displays a list of all available secret keys. Highlight the key and press Enter to select a key for signing the message. The list of keys is shown at the bottom of the screen. The top of the screen shows additional information about the currently highlighted key.


Pressing E displays a list of all known public keys. More than one public key may be selected. All public keys whose addresses match any recipient address, or the sender's address, are selected by default. The message is encrypted by all chosen public keys. Highlight each key and press SPACE to select a public key encryption. Press Enter after selecting all public keys. A checkmark (or an asterisk, depending on the console display) is placed next to each selected key. Press SPACE again in order to un-select a selected key.

The original prompt is updated accordingly, after selecting either of these two options (the original Send message? prompt changes to a Sign, then send message?, or some other appropriate variant). The key used for signing a message is memorized like any other custom message header, and is automatically selected by default when sending the next message. Choose Sign again to un-select the key. A separate default signing key exists for every account Cone is logged on to, and a default signing key is memorized for every open folder. It is possible to memorize a different key for signing replies to messages in different folders. However that may prove to be a bit cumbersome. Each time a message in a different folder is replied to, Cone will prompt whether to set that folder's key (or any other custom header) as the default for the entire mail account. This feature is probably convenient when most replies are to messages from the same folder, and messages from other folders are accessed infrequently.


The Sign and/or the Encrypt option must be used before selecting Delivery notifications. After selecting Delivery notifications, the only remaining options shown are the various delivery notifications options, and Y, which sends the message.


Copies of encrypted sent messages are saved in their encrypted form. Unless the sender's public key is also selected for encryption, the sender will not be able to read a copy of the sender's own message!


Cone supports passphrase-protected keys. Cone prompts for a passphrase before it signs a message. Press Enter without entering anything if the key does not have a passphrase.

Cone remembers the passphrase, and will not ask for it again. When a master single-signon password is installed (see Master Passwords), passphrase passwords are also saved together with all other account passwords. Cone does not automatically know when, and if, the key's passphrase is changed. When message signing fails, Cone automatically removes the saved passphrase. Simply try again to sign the same message, and Cone will prompt for the new passphrase.

Decrypting messages, and verifying signatures

Pressing Y (as in decrYt) attempts to decrypt or verify the signature of a currently opened message. The message must be opened before it can be decrypted. A signed message must also be opened, before its signature can be verified.

An encrypted message will initially be empty, naturally, except for a single attachment that contains the encrypted content. The contents of a signed message are displayed normally. The presence of an additional attachment, that contains the message's signature, indicates that the message is signed. After a message is succesfully decrypted, or its signature is verified, the message's contents are shown together with the diagnostic messages from GnuPG which contain additional information on the message's encryption status.

Forwarding or replying to a message always ends up forwarding or replying whatever's currently shown on the screen. If the message is decrypted, the decrypted contents are forwarded. If the message is not decrypted, its original encrypted version is forwarded.

Decrypting messages with a passphrase-protected key

Before decrypting a message, Cone prompts for a passphrase. The passphrase is memorized just like passphrases are memorized after a message is signed, and Cone will not ask for a passphrase again. Just like when signing, when a master single-signon password is installed, the passphrase is saved together with all other account passwords.

At this time, Cone is not smart enough to known which private key was used for encrypting a message. Therefore if multiple private keys are present, they all should have the same passphrase. Otherwise, each time an attempt is made to decrypt a message that's encrypted by different key, the attempt will fail because the wrong passphrase was memorized. Each time an attempt to decrypt a message fails, Cone automatically forgets the saved passphrase, so that the attempt to decrypt the message can be tried again, this time entering the correct passphrase (which will now be memorized and used as a default decrypting passphrase from now on).