Install the app, BUT DON'T RUN IT YET.
Create an entry for yourself in your Contacts, if you don't already have one.Make sure it includes the email address that the Mail app uses when you send mail. For example, if when you send mail using the Mail app the sender appears as "[email protected]", then ensure that email address is listed in the contact entry. You must also at least partially fill out the postal address field. Writing your city, state, and zip code should be sufficient.
Open "And You and I" (hereafter AYAI). It will ask you to "Enter your ID password." This is NOT your iCloud or App Store password; this is a new password you are setting up. Choose a password that's at least 16 characters long. An English sentence is fine as long as it's not too predictable.
Press the + sign in the upper right corner. This will open your Contacts screen. Choose the entry for yourself. One or more rows (corresponding to the email addresses listed in your contact info) will appear under "S/MIME Identities".
Swipe to the right on an entry. A green "+" button will appear with the caption "Generate". Tap this icon. Keys will be generated, which takes a few seconds. Now there should be a lot of information listed under that entry, as well as the AYAI logo next to it.
Swipe left on that entry, and tap "More". Then select "Send mail to yourself". What's going to happen is that AYAI will package the encryption keys you just generated, and email them to you. You can then use this email to import the keys into iOS so it can use them.
Don't close the app yet. Swipe right on the same entry, and choose the "*" icon that says "Password". A brief alert will pop up at the bottom that says "the password has been copied to the clipboard."
Go to the Mail app. A new email should be in there with several attachements. Tap the first attachment. A dialog should come up with an "Install" button in the top right corner. Press that.
You will be prompted for your phone's passcode (if applicable), then shown a warning about "the authenticity of ... cannot be verified". Ignore this and tap "Install" in the upper right corner.
You will now be prompted, "ENTER THE PASSWORD FOR THE CERTIFICATE ...". Tap a spot in the blank and choose "paste", which will paste in a long string of characters. Choose "Next" and then choose "Done"
Now we must go into the phone's Settings and enable S/MIME. From the Settings screen, choose iCloud > Mail > Advanced, and under S/MIME, toggle the S/MIME switch to On. Then tap "Sign", turn that on, and tap the certificate to use. Also turn on "Encrypt by default" and tap the cert listed there as well. Don't exit out of the Settings screen without tapping "Done" at the upper right, or the changes won't be registered and subsequent steps will fail!
If you are using a different email address than your iCloud one, then you need to go to Settings > Mail > Accounts > [the account you want to use] > Account > Advanced, and enable S/MIME, signing, and encrypting as described above.
Now we will send an email to ourselves. Go into your Mail, tap the compose button, and enter your email address into the To: field. A red message will appear that says "Unable to encrypt". I'm not sure why this happens exactly but one more step seems to be required. Fill out the subject field and message body with whatever text, and send it.
Open this new message that you just sent to yourself. You should notice a little blue checkmark next to the From: field. Tap your name in the "From:" field, then choose "View Certificate". Then choose "Install".
To verify that this has all worked, go to your Mail again, and choose to send a message to yourself. After you enter your address in the "To:" field, you should see a blue lock icon and the word "Encrypted" at the top of the screen.
Now you can send your certificate to your peers by going into AYAI, swiping left on the entry you want to use, choosing "More", and choosing "Send Mail to Partners".
The peer should do the following steps:
Open the email containing your certificates, and tap the first attachment, going through the install process.
Then, you need to send them an additional email, with any text you want. When they get that email, they should tap your name in the "From" field, choose "View Certificate", and then choose "Install".
Now you can send that person encrypted messages, and in fact every message you send to them will be encrypted automatically.
You may wish to turn off "sign messages by default" in the Settings for that mail account, since people who don't have your encryption certificate will get a warning along the lines of "this message is untrusted!" on every email you send. This is because the mail software detects the crypto-signature, but doesn't know where it's coming from.









