Cyphernomicon Top
Cyphernomicon 7.8

PGP -- Pretty Good Privacy:
How to Use PGP


    7.8.1. How does PGP work?
    7.8.2. "How should I store the secret part of my key? Can I memorize
            it?"
           - Modern ciphers use keys that are far beyond memorization
              (or even typing in!). The key is usually stored on one's
              home machine, or a machine that is reasonably secure, or on
              diskette. The passphrase should always be memorized or
              written down (ugh) in one's wallet or other such place.
              Secure "dongles" worn around the neck, or a ring or watch,
              may eventually be used. Smartcards and PDAs are a more
              likely intermediate solution (many PCs now have PCMCIA card
              slots).
    7.8.3. "How do I sign messages?"
           - cf. the PGP docs
           + however, this has come up on the List, and:
             -
             + pgp -sta +clearsig=on message.txt
               -
               - That's from pgpdoc2.txt.  Hope it helps.  You might
                  wish to set up your mail
               - user agent to invoke this command upon exiting your
                  default message editor,
               - with "message.txt" set to whatever your editor calls
                  the temporary message
               - file.               <Russell Whitaker,
                  whitaker@sgi.com, 4-15-94, Cypherpunks>
    7.8.4. Why isn't PGP easier to use?
           - Compared to other possible crypto applications (like
              digital money or voting systems), it is actually _very_
              easy to use
           - semantic gap...learning
    7.8.5. How should I learn PGP?
    7.8.6. "What's the status of PGP integration with other programs?"
           + Editors
             + emacs
               + emacs supports pgp, probably in various flavors (I've
                  seen several reports of different packages)..the built-
                  in language certainly helps
                 - Rick Busdiecker <rfb@lehman.com> has an emacs front
                    end to PGP available
                 - Jin S. Choi <jsc@monolith.MIT.EDU> once described a
                    package he wrote in elisp which supported GNU emacs:
                    "mailcrypt"
                 - there are probably many more
           + Mailers
             - That is, are there any mailers that have a good link to
                PGP? Hooks into existing mailers are needed
             + emacs
               + emacs supports pgp, probably in various flavors (I've
                  seen several reports of different packages)..the built-
                  in language certainly helps
                 - Rick Busdiecker <rfb@lehman.com> has an emacs front
                    end to PGP available
                 - Jin S. Choi <jsc@monolith.MIT.EDU> once described a
                    package he wrote in elisp which supported GNU emacs:
                    "mailcrypt"
                 - there are probably many more
             - elm
             - Eudora
             + PGP sendmail, etc.
               - "Get the PGPsendmail Suite, announced here a few days
                  ago. It's available for anonymous ftp from:
                  ftp.atnf.csiro.au: pub/people/rgooch   (Australia)
                  ftp.dhp.com: pub/crypto/pgp/PGPsendmail(U.S.A.)
                  ftp.ox.ac.uk: src/security  (U.K.)... It works by
                  wrapping around the regular  sendmail  programme, so
                  you get automatic encryption for all mailers, not just
                  Rmail. " [Richard Gooch, alt.security.pgp, 1994-07-10]
             + MIME
               - MIME and PGP <Derek Atkins, 4-6-94>
               - [the following material taken from an announcement
                  forwarded to the Cypherpunks list by
                  remijn@athena.research.ptt.nl, 1994-07-05]
               - "MIME [RFC-1341,  RFC-1521] defines a format and
                  general framework for the representation of a wide
                  variety of data types in Internet mail.  This document
                  defines one particular type of MIME data, the
                  application/pgp type, for "pretty good" privacy,
                  authentication, and encryption in Internet mail.  The
                  application/pgp MIME type is intended to facilitate the
                  wider  interoperation of private mail across a wide
                  variety of hardware and software platforms.
           + Newsreaders
             - useful for automatic signing/verification, and e-mail
                from withing newsreader
             - yarn
             - tin
             - The "yarn" newsreader reportedly has PGP built in.
    7.8.7. "How often should I change my key or keys?"
           - Hal Finney points out that many people seem to think PGP
              keys are quasi-permanent. In fact, never changing one's key
              is an invitation to disaster, as keys may be compromised in
              various ways (keystroke capture programs, diskettes left
              lying around, even rf monitoring) and may conceivably be
              cracked.
           - "
           + "What is a good interval for key changes?  I would suggest
              every year or so
             - makes sense, especially if infrastructure can be
                developed to make it easier
             - to propagate key changes.  Keys should be overlapped in
                time, so that you make
             - a new key and start using it, while continuing to support
                the old key for a
             - time. <Hal Finney, hfinney@shell.portal.com, 4-15-94,
                cypherpunks>
           - Hal also recommends that remailer sites change their keys
              even more frequently, perhaps monthly.
  

Next Page: 7.9 Keys, Key Signings, and Key Servers
Previous Page: 7.7 Where to Get PGP?

By Tim May, see README

HTML by Jonathan Rochkind