12.3.1. Importing Autocrypt keys

In the advanced Guard settings, you can define whether Autocrypt keys are automatically imported. You can set the following:

All Autocrypt keys received are automatically imported.

An automatically imported key is used as follows:
- An outgoing message to this contact can be encrypted with this key.
- The signature of an incoming message from this contact will not be verified with the key. That means: It can not be verified if the sender is real and the message content has been transferred unaltered.
For each Autocrypt key received you will be asked whether to import this key. Details of the Autocrypt key will be shown allowing you to check its validity. If you import the key, it will be regarded as verified. A verified key will be used as follows:
- An outgoing message to this contact can be encrypted with this key.
- The signature of an incoming message from this contact will be verified using the key. If the verification is successful, the sender is real and the message content is unaltered.

How to define how Autocrypt keys are imported:

Click the Settings icon on the right side of the menu bar. Click on Settings.
In the sidebar, click on Security. Click on Guard.
Enable Show advanced settings. Items for managing keys and for the Autocrypt settings will be displayed.
Below Autocrypt, proceed as follows:
- To import Autocrypt keys, enable Search incoming emails for keys in header.
- If you enable Import autocrypt keys without asking, Autocrypt keys will be imported automatically.
  
  This is the default setting if Show advanced settings is disabled.
- If you disable Import autocrypt keys without asking, you will be asked whether you want to import the key. The key details are shown so that you can check the validity of the key. If you accept the key, it will be regarded as verified.

Encrypting Data with Guard