7.8.1. How does PGP work?
7.8.2. "How should I store the secret part of my key? Can I memorize
it?"
- Modern ciphers use keys that are far beyond memorization
(or even typing in!). The key is usually stored on one's
home machine, or a machine that is reasonably secure, or on
diskette. The passphrase should always be memorized or
written down (ugh) in one's wallet or other such place.
Secure "dongles" worn around the neck, or a ring or watch,
may eventually be used. Smartcards and PDAs are a more
likely intermediate solution (many PCs now have PCMCIA card
slots).
7.8.3. "How do I sign messages?"
- cf. the PGP docs
+ however, this has come up on the List, and:
- pgp -sta +clearsig=on message.txt
- That's from pgpdoc2.txt. Hope it helps. You might wish to set up
your mail user agent to invoke this command upon exiting your
default message editor, with "message.txt" set to whatever your
editor calls the temporary message file. <Russell Whitaker,
whitaker@sgi.com, 4-15-94, Cypherpunks>
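What the clearsig option produces is a message whose text stays readable, framed so that only the region between the BEGIN lines is covered by the signature. The parser below is an added example, not code from the FAQ or from PGP: it assumes the OpenPGP cleartext-signature layout (RFC 4880), uses a constructed sample with a placeholder signature, and separates the signed text from anything wrapped around it. It does not verify the signature; that remains PGP's job.

```python
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"

# Constructed sample; the signature body is a placeholder, not a real signature.
SAMPLE = "\n".join([
    "Forwarded note: this line sits outside the signed region.",
    BEGIN_MSG,
    "Hash: SHA256",
    "",
    "Meet at noon.",
    "- -- ",
    "Alice",
    BEGIN_SIG,
    "",
    "PLACEHOLDER-NOT-A-REAL-SIGNATURE",
    END_SIG,
    "P.S. this trailer is also unsigned.",
])


def split_clearsigned(text):
    """Return (headers, signed_text, signature_armor, unsigned_lines)."""
    lines = text.splitlines()
    try:
        start = lines.index(BEGIN_MSG)
        sig = lines.index(BEGIN_SIG, start)
        end = lines.index(END_SIG, sig)
    except ValueError:
        raise ValueError("not a complete clearsigned message") from None
    # Armor headers such as "Hash:" run up to the first empty line; a message
    # with none has the empty line directly after the BEGIN line.
    blank = start + 1
    while blank < sig and lines[blank] != "":
        blank += 1
    if blank >= sig:
        raise ValueError("no empty line between headers and signed text")
    headers = dict(h.partition(": ")[::2] for h in lines[start + 1:blank])
    body = []
    for line in lines[blank + 1:sig]:
        if line.startswith("- "):
            line = line[2:]  # undo dash-escaping
        elif line.startswith("-"):
            raise ValueError("unescaped dash line inside signed text")
        body.append(line.rstrip(" \t"))  # trailing blanks are not signed
    unsigned = lines[:start] + lines[end + 1:]
    return headers, "\n".join(body), "\n".join(lines[sig:end + 1]), unsigned


if __name__ == "__main__":
    headers, signed, armor, unsigned = split_clearsigned(SAMPLE)
    print(repr(signed))
    print("not covered by the signature:", unsigned)
```

A mail-agent hook that displays only the returned signed text after a successful verification keeps unsigned lines before or after the block from being mistaken for the signer's words.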
7.8.4. Why isn't PGP easier to use?
- Compared to other possible crypto applications (like
digital money or voting systems), it is actually _very_
easy to use
- semantic gap...learning
7.8.5. How should I learn PGP?
7.8.6. "What's the status of PGP integration with other programs?"
+ Editors
+ emacs
+ emacs supports pgp, probably in various flavors (I've
seen several reports of different packages)..the built-
in language certainly helps
- Rick Busdiecker <rfb@lehman.com> has an emacs front
end to PGP available
- Jin S. Choi <jsc@monolith.MIT.EDU> once described a
package he wrote in elisp which supported GNU emacs:
"mailcrypt"
- there are probably many more
+ Mailers
- That is, are there any mailers that have a good link to
PGP? Hooks into existing mailers are needed
+ emacs
- elm
- Eudora
+ PGP sendmail, etc.
- "Get the PGPsendmail Suite, announced here a few days
ago. It's available for anonymous ftp from:
ftp.atnf.csiro.au: pub/people/rgooch (Australia)
ftp.dhp.com: pub/crypto/pgp/PGPsendmail (U.S.A.)
ftp.ox.ac.uk: src/security (U.K.)... It works by
wrapping around the regular sendmail programme, so
you get automatic encryption for all mailers, not just
Rmail." [Richard Gooch, alt.security.pgp, 1994-07-10]
+ MIME
- MIME and PGP <Derek Atkins, 4-6-94>
- [the following material taken from an announcement
forwarded to the Cypherpunks list by
remijn@athena.research.ptt.nl, 1994-07-05]
- "MIME [RFC-1341, RFC-1521] defines a format and
general framework for the representation of a wide
variety of data types in Internet mail. This document
defines one particular type of MIME data, the
application/pgp type, for "pretty good" privacy,
authentication, and encryption in Internet mail. The
application/pgp MIME type is intended to facilitate the
wider interoperation of private mail across a wide
variety of hardware and software platforms.
+ Newsreaders
- useful for automatic signing/verification, and e-mail
from within the newsreader
- yarn
- tin
- The "yarn" newsreader reportedly has PGP built in.
7.8.7. "How often should I change my key or keys?"
- Hal Finney points out that many people seem to think PGP
keys are quasi-permanent. In fact, never changing one's key
is an invitation to disaster, as keys may be compromised in
various ways (keystroke capture programs, diskettes left
lying around, even rf monitoring) and may conceivably be
cracked.
- "What is a good interval for key changes? I would suggest every
year or so makes sense, especially if infrastructure can be
developed to make it easier to propagate key changes. Keys should
be overlapped in time, so that you make a new key and start using
it, while continuing to support the old key for a time." <Hal
Finney, hfinney@shell.portal.com, 4-15-94, cypherpunks>
- Hal also recommends that remailer sites change their keys
even more frequently, perhaps monthly.
By Tim May, see README
HTML by Jonathan Rochkind