How to use Facebook with gpg4o
Facebook very often has been criticized for careing less for the privacy of their members. At least at some single points of the Facebook User-Interface this has changed. Facebook members do have the opportunity to share their PGP public key with other people. In addition, one may receive messages from facebook encrypted with OpenPGP. As a vendor of GnuPG based software we are happy with this progress and want to show you how you can use Facebook with gpg4o. It will work similarly with other PGP or GPG software as well.
In Part 1 of this Howto we learn how we provide Facebook with our PGP Public Key.
Login to your Facebook account and navigate in “About” to “Contact and Basic info” amd then to “Add a public key”. There you will find a dialogue where you may insert your OpenPGP Public Key as Text. (Need to know how to get your Public Key as text? Click here!)
Choose the option „Use this public key to encrypt notification emailst that Facebook sends you?“ to receive mails from Facebook encrypted. Otherwise you only spread your PGP (GnuPG) Public Key via your Facebook account. When done your dialog should look like below:
You are done with Part 1. In the second part we will link the Facebook Public Key with gpg4o and possibly signed mails from Facebook. Please enter Outlook (with gpg4o installed) and change the ribbon to gpg4o and then click on key management. Use the keysearch function to look up the Facebook Public key (Short-ID DEE958CF) and compare the fingerprint of the key you obtained with the correct Public Key of Facebook. Click here to doublecheck: https://www.facebook.com/notes/protecting-the-graph/securing-email-communications-from-facebook/1611941762379302 (care for a valid SSL connection to Facebook).
After double checking that you have the right key: Import it (right click for context menu in gpg4o key management, the click “Import Key”
Since you have thoroughly compared the fingerprint you may want to sign the Facebook Public Key with your own by double clicking on it and choosing “Sign”:
While we cared about importing and validating the Facebook OpenPGP(GPG) Public Key you should have received an email from Facebook shown below:
After doublechecking the signature you should follow the link in the email to verify that you successfully received and decrypted your first mail from facebook:
Congratulation. You successfully bonded Facebook with your gpg4o installation and will receive status updates from Facebook encrypted.