
It is possible to send and receive emails which have digital signatures, and even to send and receive encrypted (secret) emails. This is simple to do using free applications on your computer.
We recommend using Thunderbird for your email. It is a free, fully featured email application. It can also have extensions loaded, such as enigmail, which provides easy-to-use secure email (digital signatures and encryption).
If you have Linux then you will probably already have gpg and Thunderbird, and all you need is enigmail.
To install Thunderbird, go to www.mozilla.com, and select Thunderbird Email, and follow the installation instructions. When you start Thunderbird it will take you through setting up your email account.
You then need to install GnuPG, which is a standard OpenPGP encryption package. Visit www.gnupg.org, and select Download (on the left) then select the Binaries download for MS-Windows (e.g. the FTP link), or whatever operating system you have. Follow the installation instructions.
All you need now is enigmail, which is an extension to Thunderbird which allows it to use GnuPG. Firstly, start Thunderbird and select Extensions from the Tools menu. This opens the extensions window. Then visit enigmail.mozdev.org and select Download. Then drag the enigmail module link (the file ending with .xpi) from your web browser to the Thunderbird extensions window. Follow the installation instructions.
Finally, all you have to do is close your Thunderbird windows and start Thunderbird again. Send a test email (e.g. to yourself), and enigmail will take you through the process of setting up your secret key. You will need a pass phrase which you must be sure you can remember, and should not write down. This is your top secret pass phrase for signing emails and decrypting secret emails.
A digital signature is extra text at the end of the email which can be used to check that the email is genuine and has not been changed. If you sign emails sent to people without the right software they will see this as some junk on the end of the email, but it does not stop them reading it in any way. It says it is a digital signature. However, if they have the right email software such as Thunderbird and enigmail, then they can check the signature.
You can sign your emails, either all of them by default, or selected ones (see the account settings in Thunderbird). When you sign an email you will have to put in your secret pass phrase, and you can have Thunderbird remember this for a few minutes so that you do not have to keep re-entering it if you send several emails in a row. The signature is unique to the email, and will not validate if the email has been changed in any way.
When you receive a signed email, Thunderbird shows whether the email is signed and whether the signature is correct. It also tells you if it knows the signer. You can only check a signature if you have the sender's public key; however, you can get public keys from a key server with one click.
This means that if you want someone to check the signature of an email you send them, they will have to get hold of your public key somehow. You can upload the key to a key server for them to get, or get it to them some other way.
To send an encrypted (secret) email, you must have the public key of the recipient. Again, this can be retrieved from a public key server with one click. Just mark the email as encrypted, and enigmail will ask you if you want to get the key. You do not need a pass phrase to encrypt email, only if you also want to sign it (which you may have on by default). Once encrypted, nobody but the recipients will be able to read it. If there is more than one recipient, each will be able to read it. By default, the mail is also encrypted so you can read it - but if you turn off this feature then even you cannot read the email you have sent!
The system works using a secret key which you have, which is protected by a pass phrase, and also a public key which you can make public and send to people or key servers, or put on a web site, etc. When enigmail took you through making a secret key, it also made the corresponding public key. It will also have made a revocation key, which you should keep safe somewhere.
The secret key is used by you to sign emails, and to decrypt any secret encrypted emails you are sent. This is why you need the pass phrase to do either of these things.
The public key is used by other people to check your signature, or to send you encrypted secret emails. This is why you publish this using a key server or some other means.
The revocation key is a separate key which you can use if ever you lose your secret key (hard disk crash, etc) or forget the pass phrase! It can be sent to a key server so that everyone knows that your key is no longer valid. This is important if ever someone gets hold of your secret key and pass phrase. You can make a new key which will be used instead. So put the revocation key somewhere safe, e.g. a floppy disk or CD.
Key management
The OpenPGP menu in Thunderbird includes key management. This lets you set up the public keys you have from other people. You can set which keys you know to be correct, and also which you trust to sign other people's keys. You can sign keys you are sure of, and send and retrieve keys from key servers.
One of the drawbacks with any such system is that you have no real way to be sure that a key you have got (e.g. from a key server) is in fact the right one for the person you think it belongs to. People make their own key and send it to a key server. They could have been lying about their name or email address. You just don't know.
If you think about it, this is just the same with real signatures on paper. How do you know the signature is genuine? What can you check it against?
There are two solutions to this problem. Firstly, the public key has a fingerprint, which is a short string of letters and numbers that can easily be read out. You can use the key manager to see the fingerprint of your own key. If you have another way to talk to the other person, such as the phone, you can ask them to confirm the key fingerprint. You can check that it matches the key you have for them. If it does then you can trust the key, and you can use the key management to tell the system you have checked that the key is valid. If you are really sure then you can even sign the key yourself, and send it back to a key server so other people know you have checked it is genuine.
This leads to the other way of checking that keys are genuine. If you know someone's key is correct, and you trust them to check things carefully, you can tell the system that you trust them. Then, if you get a key from a key server that they have signed, the system will know that it must be genuine because someone you trust has signed it.
For example, Andrews & Arnold Ltd have a key. It can be found here. This key is used to sign all of the staff keys. Only the director of Andrews & Arnold Ltd can use this key. If you tell the system that you trust this key, then any email you get that is signed by a member of staff will have a key that is assumed to be valid as their keys are signed by that company key which you trust.
You should only sign other people's keys and upload to a key server if you are really sure they are genuine. If you sign keys you have not checked carefully, then people may not trust your signature on keys in future.
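The fingerprint check and the "trust a key to sign other keys" arrangement described above, including the company-key case, can be reproduced with gpg in two throw-away keyrings. This is an added example, not code from the original page or from Andrews & Arnold; it assumes gpg 2.1 or later, and the company, staff member, user and message are all constructed for the demo. The point it makes visible is that gpg distinguishes a merely good signature (TRUST_UNDEFINED: the maths checks out but nobody you trust has vouched for the key) from a trusted one (TRUST_FULLY), and that the second only appears once you have checked the company key's fingerprint, recorded that check, and told gpg you trust that key to certify others.

```shell
#!/bin/sh
# Added example, not code from the original page: the key-management side of
# the page done with the gpg command line in throw-away keyrings. A company
# key certifies a staff key; a user checks the company key's fingerprint out
# of band, records that check and trusts the key to certify others, and gpg
# then reports the staff member's signature as fully trusted instead of
# merely "good". Assumptions: gpg 2.1 or later is on the PATH; the names,
# addresses and message are constructed for this demo.
set -u

GPGBIN=$(command -v gpg2 || command -v gpg) || { echo "gpg is not installed" >&2; exit 0; }
g() { "$GPGBIN" --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }
make_key() { g --quick-generate-key "$1" rsa2048 default 0 2>/dev/null; }

# Primary-key fingerprint of a user ID, from gpg's machine-readable listing.
fpr_of() { g --with-colons --fingerprint "$1" | awk -F: '/^fpr:/ { print $10; exit }'; }

# A fingerprint read out over the phone arrives in groups of four, in either
# case. Normalise both sides so that spacing alone can never cause a mismatch.
normalize_fpr() { printf '%s' "$1" | tr -d ' \t' | tr 'a-f' 'A-F'; }
fingerprints_match() { [ "$(normalize_fpr "$1")" = "$(normalize_fpr "$2")" ]; }

# The trust level gpg assigns to a verified signature, from its status output:
# TRUST_UNDEFINED (good signature, unverified key) up to TRUST_ULTIMATE.
signature_trust() {
  g --status-fd 1 --verify "$1" 2>/dev/null | awk '/^\[GNUPG:\] TRUST_/ { print $2; exit }'
}

demo_web_of_trust() {
  company=$(mktemp -d) && user=$(mktemp -d) || return 1
  chmod 700 "$company" "$user"

  # --- Company side: one company key signs every staff key. ---
  export GNUPGHOME="$company"
  make_key "Example Ltd Signing Key <keys@example.invalid>" || return 1
  make_key "Staff Member <staff@example.invalid>" || return 1
  company_fpr=$(fpr_of keys@example.invalid)
  staff_fpr=$(fpr_of staff@example.invalid)
  g --local-user keys@example.invalid --quick-sign-key "$staff_fpr" 2>/dev/null || return 1
  # Public keys as they would be fetched from a key server, plus a signed mail.
  g --armor --export keys@example.invalid staff@example.invalid > "$user/keys.asc" || return 1
  printf 'Your order has been dispatched.\n' > "$user/msg.txt"
  g --local-user staff@example.invalid --clearsign \
    --output "$user/msg.asc" "$user/msg.txt" || return 1
  gpgconf --kill gpg-agent 2>/dev/null || true

  # --- User side: own key plus the imported public keys. ---
  export GNUPGHOME="$user"
  make_key "Some User <user@example.invalid>" || return 1
  g --import "$user/keys.asc" 2>/dev/null || return 1

  # The signature is good, but nobody the user trusts has vouched for the key.
  [ "$(signature_trust "$user/msg.asc")" = TRUST_UNDEFINED ] || return 1

  # Check the company fingerprint out of band. Here it is "read out" in lower
  # case in groups of four, as it would be over the phone.
  phone_fpr=$(printf '%s' "$company_fpr" | tr 'A-F' 'a-f' | sed 's/..../& /g')
  fingerprints_match "$phone_fpr" "$(fpr_of keys@example.invalid)" || return 1

  # Record the check as a local (non-exportable) signature, and set owner
  # trust 5 (full): the company key is trusted to certify other keys.
  g --local-user user@example.invalid --quick-lsign-key "$company_fpr" 2>/dev/null || return 1
  printf '%s:5:\n' "$company_fpr" | g --import-ownertrust 2>/dev/null || return 1
  g --check-trustdb 2>/dev/null || true

  # The staff key is now valid through the company's signature on it.
  [ "$(signature_trust "$user/msg.asc")" = TRUST_FULLY ] || return 1

  gpgconf --kill gpg-agent 2>/dev/null || true
  rm -rf "$company" "$user"
  return 0
}

demo_web_of_trust && echo "staff signature went from TRUST_UNDEFINED to TRUST_FULLY"
```

Two design points: the local signature (`--quick-lsign-key`) is the gpg equivalent of "tell the system you have checked the key is valid" and never leaves your keyring, whereas an exportable signature (`--quick-sign-key`) is what you would upload to a key server, which is why the page says to do that only when you are really sure. Owner trust is the separate, second decision the page describes: it says nothing about whether the key is genuine, only how far you rely on its owner to check other people's keys.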
This may all sound complicated, but one day we may have government bodies signing people's keys, or banks or other professional bodies doing so. When this happens it will be possible to load a few trusted keys, and easily check that any keys you find are genuine, even from people you don't know and have never met.
Just think about how real signatures on paper work, and how much trust we place in them!
Key servers are simply databases on the internet which hold public keys. They do not vouch for the accuracy of the keys (that is done by the people that have signed them). You can upload your key, or keys you have downloaded and signed, using the key management window.
We sign all of the invoices we send out. This is a requirement of EU electronic invoicing law (though UK law takes a slightly more relaxed view, for some reason).
People send us encrypted emails with credit card information, just to be on the safe side.
People are used to signing their letters (on paper), so why would you not want to sign your emails?
The whole system is perfect for things like banking, which will, eventually, drag itself in to the 21st century. We will have to see...
Why not?