7.8.1. How does PGP work?

7.8.2. "How should I store the secret part of my key? Can I memorize it?"
  - Modern ciphers use keys that are far beyond memorization (or even typing in!). The key is usually stored on one's home machine, or a machine that is reasonably secure, or on diskette. The passphrase should always be memorized or written down (ugh) in one's wallet or other such place. Secure "dongles" worn around the neck, or a ring or watch, may eventually be used. Smartcards and PDAs are a more likely intermediate solution (many PCs now have PCMCIA card slots).

7.8.3. "How do I sign messages?"
  - cf. the PGP docs
  + however, this has come up on the List, and:
    + pgp -sta +clearsig=on message.txt
      - That's from pgpdoc2.txt. Hope it helps. You might wish to set up your mail user agent to invoke this command upon exiting your default message editor, with "message.txt" set to whatever your editor calls the temporary message file. <Russell Whitaker, whitaker@sgi.com, 4-15-94, Cypherpunks>

7.8.4. Why isn't PGP easier to use?
  - Compared to other possible crypto applications (like digital money or voting systems), it is actually _very_ easy to use
  - semantic gap...learning

7.8.5. How should I learn PGP?

7.8.6. "What's the status of PGP integration with other programs?"
  + Editors
    + emacs
      + emacs supports pgp, probably in various flavors (I've seen several reports of different packages)... the built-in language certainly helps
        - Rick Busdiecker <rfb@lehman.com> has an emacs front end to PGP available
        - Jin S. Choi <jsc@monolith.MIT.EDU> once described a package he wrote in elisp which supported GNU emacs: "mailcrypt"
        - there are probably many more
  + Mailers
    - That is, are there any mailers that have a good link to PGP?
      Hooks into existing mailers are needed
    - emacs
    - elm
    - Eudora
    + PGP sendmail, etc.
      - "Get the PGPsendmail Suite, announced here a few days ago. It's available for anonymous ftp from:
          ftp.atnf.csiro.au: pub/people/rgooch (Australia)
          ftp.dhp.com: pub/crypto/pgp/PGPsendmail (U.S.A.)
          ftp.ox.ac.uk: src/security (U.K.)...
        It works by wrapping around the regular sendmail programme, so you get automatic encryption for all mailers, not just Rmail." [Richard Gooch, alt.security.pgp, 1994-07-10]
  + MIME
    - MIME and PGP <Derek Atkins, 4-6-94>
    - [the following material taken from an announcement forwarded to the Cypherpunks list by remijn@athena.research.ptt.nl, 1994-07-05]
    - "MIME [RFC-1341, RFC-1521] defines a format and general framework for the representation of a wide variety of data types in Internet mail. This document defines one particular type of MIME data, the application/pgp type, for "pretty good" privacy, authentication, and encryption in Internet mail. The application/pgp MIME type is intended to facilitate the wider interoperation of private mail across a wide variety of hardware and software platforms."
  + Newsreaders
    - useful for automatic signing/verification, and e-mail from within newsreader
    - yarn
    - tin
    - The "yarn" newsreader reportedly has PGP built in.

7.8.7. "How often should I change my key or keys?"
  - Hal Finney points out that many people seem to think PGP keys are quasi-permanent. In fact, never changing one's key is an invitation to disaster, as keys may be compromised in various ways (keystroke capture programs, diskettes left lying around, even rf monitoring) and may conceivably be cracked.
  - "What is a good interval for key changes? I would suggest every year or so makes sense, especially if infrastructure can be developed to make it easier to propagate key changes. Keys should be overlapped in time, so that you make a new key and start using it, while continuing to support the old key for a time." <Hal Finney, hfinney@shell.portal.com, 4-15-94, cypherpunks>
  - Hal also recommends that remailer sites change their keys even more frequently, perhaps monthly.
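The rotation scheme described in 7.8.7 (make a new key, keep supporting the old one for a time), worked through as an added example that is not part of the original FAQ. The key labels, dates, and the 60-day and 7-day overlap windows are assumptions; the text above says only "for a time".

```python
from dataclasses import dataclass
from datetime import date, timedelta

@dataclass(frozen=True)
class Key:
    key_id: str    # constructed label, not a real PGP key ID
    created: date

def plan(keys, today, interval_days, overlap_days):
    """Classify keys under a rotate-with-overlap policy.

    active     newest key: sign with it and hand it out
    overlap    superseded, but still honoured for incoming mail
    retired    superseded longer ago than the overlap window
    rotate_now True once the active key has reached interval_days of age
    """
    keys = sorted((k for k in keys if k.created <= today),
                  key=lambda k: k.created)
    if not keys:
        return {"active": None, "overlap": [], "retired": [],
                "rotate_now": True}
    overlap, retired = [], []
    # A key is superseded on the day its successor is created; the
    # overlap window runs from that day.
    for old, successor in zip(keys, keys[1:]):
        grace_ends = successor.created + timedelta(days=overlap_days)
        (overlap if today <= grace_ends else retired).append(old.key_id)
    active = keys[-1]
    age = today - active.created
    return {"active": active.key_id, "overlap": overlap,
            "retired": retired,
            "rotate_now": age >= timedelta(days=interval_days)}

# Constructed sample keyrings (labels and dates are made up).
USER_KEYS = [Key("user-1993", date(1993, 4, 15)),
             Key("user-1994", date(1994, 4, 15))]
REMAILER_KEYS = [Key("rm-mar", date(1994, 3, 1)),
                 Key("rm-apr", date(1994, 4, 1)),
                 Key("rm-may", date(1994, 5, 1))]

if __name__ == "__main__":
    # Yearly rotation, 60-day overlap (overlap length is an assumption).
    print(plan(USER_KEYS, date(1994, 5, 1), 365, 60))
    # Monthly rotation for a remailer, 7-day overlap (also an assumption).
    print(plan(REMAILER_KEYS, date(1994, 5, 5), 30, 7))
```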
By Tim May, see README
HTML by Jonathan Rochkind