Using PGP with Hushmail

This page describes how Hushmail users can communicate securely with users of PGP, GnuPG, and other products supporting the OpenPGP standard.

OpenPGP key server

Our OpenPGP LDAP key server can be found at keys.hush.com on port 389.

How can a PGP user send secure email to Hushmail?

PGP 8.0 or PGP Universal

To send secure email to a Hushmail user, configure PGP 8.0 for Windows as follows:

  1. Right-click the PGP icon in the system tray
  2. Select Options…
  3. Click the Servers tab
  4. Click the New button
  5. Select PGP Keyserver LDAP
  6. In the Name field, enter keys.hush.com
  7. Click the OK button
  8. You can now send secure email to Hushmail users using all PGP 8.0 components, including the PGP Outlook plugin.

Please note: Hushmail only recognizes digital signatures on text messages that are signed using the Cleartext Signature Framework as described in RFC 2440 section 7. Thus, when sending to a Hushmail account, you must sign the message first, generating a cleartext signed message, and then encrypt the result. If you encrypt and sign a message in a single step (the default for many PGP applications), the signature will not be recognized.

GnuPG

To send secure email to a Hushmail user, configure GnuPG as follows:

  1. At the command prompt, type gpg --keyserver ldap://keys.hush.com --search-keys username@hushmail.com, where username@hushmail.com is the Hushmail account with whom you wish to communicate
  2. Follow the instructions that will be displayed to import the key to your key ring
  3. Your GnuPG installation must support LDAP in order for this to work. Refer to the GnuPG documentation.
  4. Follow the instructions for your email program below:

If you’re using Enigmail with Mozilla Mail, Netscape, or Thunderbird

  1. In the OpenPGP menu, select Preferences
  2. Make sure Display expert settings is checked
  3. Select the Keyserver tab
  4. Add ldap://keys.hush.com:389 to the comma-separated list of servers
  5. Click OK

To configure encryption recipients

  1. In the OpenPGP menu, select Key Management
  2. Select Keyserver > Search for keys
  3. Enter the Hushmail address of your recipient
  4. Select ldap://keys.hush.com:389 from the dropdown list of keyservers
  5. Click OK
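
For GnuPG users, the sign-first-then-encrypt order required by the note on cleartext signatures above can be scripted as follows. This is an added example, not Hushmail's own code: the function names is_cleartext_signed and sign_then_encrypt, the file names, and the signer key ID are assumptions.

```sh
#!/bin/sh
# Added example (not Hushmail's code): clearsign first, then encrypt the result.
# Usage: sign_then_encrypt note.txt YOUR_KEY_ID username@hushmail.com note.txt.asc

# Succeeds only if FILE has the RFC 2440 section 7 cleartext-signature layout:
# signed-message header, optional "Hash:" headers, one empty line, dash-escaped
# text, then a complete armored signature block.
is_cleartext_signed() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        NR == 1 {
            if ($0 != "-----BEGIN PGP SIGNED MESSAGE-----") exit 1
            state = "hdr"; next
        }
        state == "hdr" {
            if ($0 == "") state = "text"
            else if ($0 !~ /^Hash: /) exit 1
            next
        }
        state == "text" {
            if ($0 == "-----BEGIN PGP SIGNATURE-----") state = "sig"
            else if ($0 ~ /^-/ && $0 !~ /^- /) exit 1   # "-" lines must be dash-escaped
            next
        }
        state == "sig" && $0 == "-----END PGP SIGNATURE-----" { state = "done" }
        END { exit (state == "done" ? 0 : 1) }
    ' "$1"
}

# Hypothetical wrapper: MSG is the text file, SIGNER your own key ID (assumed),
# RECIPIENT the Hushmail address whose key was imported, OUT the armored result.
# Runs in a subshell so its variables stay local; mktemp creates an owner-only file.
sign_then_encrypt() (
    msg=$1 signer=$2 recipient=$3 out=$4
    tmp=$(mktemp) || exit 1
    # Step 1: cleartext signature only. Step 2: encrypt that signed text.
    gpg --yes --local-user "$signer" --output "$tmp" --clearsign "$msg" &&
        is_cleartext_signed "$tmp" &&
        gpg --yes --armor --recipient "$recipient" --output "$out" --encrypt "$tmp"
    rc=$?
    rm -f "$tmp"
    exit "$rc"
)
```

The structure check between the two gpg calls stops the script before encryption if the intermediate file is not a cleartext signed message.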

How can a Hushmail user send secure email to a PGP user?

The PGP user must upload their public key to the Hush Key Server Network.

  1. The PGP user must export their public key in text format
  2. The PGP user should go to www.hushtools.com
  3. The PGP user should click on Key Management
  4. Under Advanced, click on the option Upload a public key
  5. The PGP user should paste their text public key in the text box indicated
  6. The PGP user should click on the dropdown box which says Click here… to select a User ID for their public key. This should be the email address to which the Hushmail user will send mail.
  7. In most cases, no activation code will be required. Ignore that field
  8. The PGP user should click Upload public key
  9. The PGP user will shortly receive an email confirming upload of the public key. The instructions in that email must be followed.
  10. The key will then be activated, and any email sent to the chosen User ID (email address) by a Hushmail user will automatically be encrypted.

Please note: We’ve been told that if you get the error “Error decrypting message . java.lang.IllegalArgumentException: Length not multiple of 4” it can be resolved by setting PGP to word wrap at column 69. This can be controlled in PGP options.