Skip to main content

Answers for private customers

The Knowledge Base for private customers is already largely up to date. A few individual articles are currently being revised and will be updated shortly. We thank you for your understanding and look forward to providing you with the latest information on using mailbox.

Please note: The Knowledge Base has changed slightly. Categories have been adjusted and any URLs stored in the old Knowledge Base are no longer valid.

Does Guard use the Web of Trust

In PGP encryption, there is the Web of Trust – a trust network in which PGP users can mutually sign the validity of their keys, thereby establishing trust in the authenticity of a user who is only indirectly known.

How does this work with mailbox Guard?

In mailbox Guard it is currently not implemented that you can manage and/or evaluate signatures of other users on keys.

Instead, mailbox Guard is based on the fact that you manually import the recipients’ keys into Guard and thereby classify them as valid and trustworthy. Signatures on the keys do not play a role in this process.

Before importing a key, you will be shown, among other things, the fingerprint of the key. You should verify this (and possibly other characteristics) with the sender via a secure second channel (e.g., by phone, SMS, chat, verbally, or in writing) before importing the key – as this is how you extend your trust to them.