> > On Apr 6, 2023, at 10:43 AM, Hammer, Erich F <er...@albany.edu> wrote: > > Charles, > > Sharing encrypted files is not a trivial problem that can be resolved without > third-party software. It sounds like you want to create a self-encrypted > file that the recipient can just double-click, enter the password, and > see/use. Here are a couple sites arguing that is not a good choice: > > https://forum.axcrypt.net/blog/avoid-self-decrypting-files/ > https://www.articsoftpgp.com/exe_encryption.htm
Many of the arguments against self-decrypting files are the same as the self-extracting archives from the 90s/2000s. You have to trust something that was downloaded, and it’s limited to work on only a single operating system that it was designed for. The advantage of the PDF (non-envelope) approach is that the file is read by a reader application, so you’re not downloading something new that you have to trust. But what I like about it is that you don’t need to decrypt the file for the reader program to then read, so it’s always stored on the disk encrypted, and there’s less chance of someone being sloppy and leaving an unencrypted version sitting around. I went to search for free PDF encryption tools, and it looks like Adobe has a website that will do it… it’s HTTPS, so the file should be transferred encrypted at all times, but you will have to trust Adobe to not peek or save what you sent: https://www.adobe.com/acrobat/online/password-protect-pdf.html -Joe Sent from a mobile device with a crappy on screen keyboard and obnoxious "autocorrect"
