PGP 6.5 Instruction Manual

PGP Freeware
for Windows 95, Windows 98,

and Windows NT

User’s Guide

Versio n 6.5

Copyright © 1990-1999 Network Associates, Inc. and its Affiliated Companies. All Rights
Reserved.

PGP*, Version 6.5.1
06-99. Printed in the United States of America.
PGP, Pretty Good, and Pretty Good Privacy are registered trademarks of Network Associates,

Inc. and/or its Affiliated Companies in the US and other countries. All other registered and
unregistered trademarks in this document are the sole property of their respective owners.

Portions of this software may use public key algorithms described in U.S. Patent numbers
4,200,770, 4,218,58 2, 4 ,405 , 82 9, a nd 4, 424 , 41 4, l ic ense d exclu siv ely by P ubli c Key Partners; the
IDEA(tm) cryptographic cipher described in U.S. patent number 5,214,703, licensed from
Ascom Tech AG; and the Northern Telecom Ltd., CAST Encryption Algorithm, licensed from
Northern Telecom, Ltd. IDEA is a trademark of Ascom Tech AG. Network Associates Inc. may
have patents and/or pending patent applicatio ns covering subject matter in this software or
its documentation; the furnishing of this software or documentation does not give you any
license to these patents. The compression code in PGP is by Mark Adler and Jean-Loup Gailly,
used with permission from the free Info-ZIP implementation. LDAP software provided
courtesy University of Michigan at Ann Arbor, Copyright © 1992-1996 Regents of the
University of Michigan. All rights reserved. This product includes software developed by the
Apache Group for use in the Apache HTTP server project (http://www.apache.org/).
Copyright © 1995-1999 The Apache Group. All rights reserved. See text files included with the
software or the PGP web site for further information. This software is based in part on the
work of the Independent JPEG Group. Soft TEMPEST font courtesy of Ross Anderson and
Marcus Kuhn. Biometric word list for fingerprint verification courtesy of Patrick Juola.

The software provided with this documentation is licensed to you for your individual use
under the terms of the End User License A greement and Limited Warranty provided wi th the
software. The information in this document is subject to change without notice. Network
Associates Inc. does not warrant that the information meets you requirements or that the
information is free of errors. The information may in clude technical inaccuracies or
typographical errors. Changes may be made to the information and incorporated in n ew
editions of this document, if and when made available by Network Associates Inc.

Export of this software and documentation may be subject to co mpliance with the rules and
regulations promulgated from time to time by the Bureau of Export Administration, United
States Department of Commerce, which restrict the export and re-export of certain products
and technical data.

Network Associates, Inc. (408) 988-3832 main
3965 Freedom Circle (408) 970-9727 fa x
Santa Clara, CA 95 054 http://www .n ai.com

info@nai.com

* is sometimes used instead of the ® for registered trademarks to protect marks registered outside of the
U.S.

LIMITED WARRANTY

Limited Warranty.
substantially in accordance with the accompanyi ng written materials for a period of sixty (60)
days from the date of original purchase. To the extent allowed by applicable law, implied
warranties on the Software Product, if any, are limited to such sixty (60) day period. Some
jurisdictions do not allow limitations on duration of an implied warranty, so the above
limitation may not apply to you.

Customer Remedies.

exclusive remedy shall be, at Network Associates Inc’s option, either (a) return of the purchase
price paid for the license, if any or (b) repair or replacement of the Software Product that does
not meet Network Associates Inc’s limited warranty and which is returned at your expense to
Network Associates Inc. with a copy of your receipt. This limited warranty is void if failure of
the Software Product has resulted from accident, abuse, or misapplication. Any repaired or
replacement Software Product will be warranted for the remainder of the original warranty
period or thirty (30) days, whichever is longer. Outside the United States, neither these
remedies nor any product support services offered by Network Associates Inc. are available
without proof of purchase from an authorized international source and may no t be available
from Network Associates Inc. to the extent they subject to restrictions under U.S. export control
laws and regulations.

NO OTHER WARRANTIES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE
LAW, AND EXCEPT FOR THE LIMITED WARRANTIES SET FORTH HEREIN, THE
SOFTWARE AND DOCUMENTATION ARE PROVIDED “AS IS” AND NETWORK
ASSOCIATES, INC. AND ITS SUPPLIERS DISCLAIM ALL OTHER WARRANTIES AND
CONDITIONS, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, CONFORMANCE WITH DESCRIPTION, TITLE AND NON-INFRINGEMENT OF
THIRD PARTY RIGHTS, AND THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT
SERVICES. THIS LIMITED WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY
HAVE OTHERS, WHICH VARY FROM JURISDICTION TO JURISDICTION.

Network Associates Inc. warrants th at the Software Product will perform

Network Associates Inc’s and its suppliers’ entire liability and your

LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE
LAW, IN NO EVENT SHALL NETWORK ASSOCIATES, INC. OR ITS SUPPLIERS BE LIABLE
FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY
DAMAGES OR LOST PROFITS WHATSOEVER (INCLUDING, WITHOUT LIMITATION,
DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF
BUSINESS INFORMATION, OR ANY OTHER PECUNIARY LOSS) ARISING OUT OF THE
USE OR INABILITY TO USE THE SOFTWARE PRODUCT OR THE FAILURE TO PROVIDE
SUPPORT SERVICES, EVEN IF NETWORK ASSOCIATES, INC. HAS BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES. IN ANY CASE, NETWORK ASSOCIATES, INC’S
CUMULATIVE AND ENTIRE LIABILITY TO YOU OR ANY OTHER P ARTY FOR ANY LOSS
OR DAMAGES RESULTING FROM ANY CLAIMS, DEMA NDS OR ACTIONS ARISING OUT
OF OR RELATING TO THIS AGREEMENT SHALL NOT EXCEED THE PURCHASE PRICE
PAID FOR THIS LICENSE. BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF LIABILITY, THE ABOVE LIMITATIONS MAY NOT
APPLY TO YOU.

Table of Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

What’s new in PGP version 6.5.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

How to contact Network Associates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

Customer service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

Comments and feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13

Year 2000 compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13

Recommended Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13

Chapter 1. Installing PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

Compatibility with other versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

Upgrading from a previous version . . . . . . . . . . . . . . . . . . . . . . . . .16

Installing PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

Chapter 2. Using PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Basic steps for using PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Using PGPkeys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

PGPkeys icon definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

Using PGPtray . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29

Performing PGP functions from the Clipboard or Current Window . . .30

Using PGP from Windows Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Using PGPtools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Using PGP within supported email applications . . . . . . . . . . . . . . . . . . . . . . .32

Using PGP/MIME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Selecting recipients for encrypted files or email . . . . . . . . . . . . . .33

Taking shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

Chapter 3. Making and Exchanging Keys . . . . . . . . . . . . . . . . . . . . . . . .35

Key concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35

Making a key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36

Creating a passphrase that you will remember . . . . . . . . . . . . . . . . . . . . . . . .40

User’s Guide v

Table of Contents

Backing up your keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Protecting your keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Adding and removing information in your key pair . . . . . . . . . . . . . . . . . . . . .42

Splitting and rejoining keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Distributing your public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Obtaining the public keys of others . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Adding a photographic ID to your key . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Creating new subkeys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Adding a new user name or address to your key pair . . . . . . . . . . . . . .46

Adding a designated revoker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

Adding an X.509 certificate to your PGP key . . . . . . . . . . . . . . . . . . . . . .48

Changing your passphrase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51

Deleting a key or signature on your PGP keyring . . . . . . . . . . . . . . . . . .53

Creating a split key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Rejoining split keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

Making your public key available through a certificate server . . . . . . .61

Updating your key on a certificate server . . . . . . . . . . . . . . . . . . . .62

Including your public key in an email message . . . . . . . . . . . . . . . . . . .63

Exporting your public key to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Getting public keys from a certificate server . . . . . . . . . . . . . . . . . . . . .65

Adding public keys from email messages . . . . . . . . . . . . . . . . . . . . . . . .67

Importing keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68

Verifying the authenticity of a key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68

Why verify the authenticity of a key? . . . . . . . . . . . . . . . . . . . . . . .68

Verify with a digital fingerprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Validating the public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Working with trusted introducers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

What is a trusted introducer? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

What is a meta-introducer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Chapter 4. Sending and Receiving Secure Email . . . . . . . . . . . . . . . . . .71

Encrypting and signing email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71

Encrypting and signing with supported email applications . . . . . . . . .72

Encrypting email to groups of recipients . . . . . . . . . . . . . . . . . . . . . . . .77

Working with distribution lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

vi PGP Freeware

Table of Cont ents

Sending encrypted and signed email to distribution lists . . . . . . .79

Decrypting and verifying email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79

Chapter 5. Using PGP for Secure File Storage . . . . . . . . . . . . . . . . . . . .83

Using PGP to encrypt and decrypt files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

Using the PGP right-click menu to encrypt and sign . . . . . . . . . . .83

Using PGPtools to encrypt and sign . . . . . . . . . . . . . . . . . . . . . . . .85

Using PGPtray to decrypt and verify . . . . . . . . . . . . . . . . . . . . . . . .87

Using PGPtools to decrypt and verify . . . . . . . . . . . . . . . . . . . . . . .88

Signing and decrypting files with a split key . . . . . . . . . . . . . . . . . . . . . . . . . .88

Using PGP Wipe to delete files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93

Using the PGP Free Space Wiper to clean free space on your disks . . . . . .94

Scheduling Free Space Wiper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96

Chapter 6. Managing Keys and Setting PGP Options . . . . . . . . . . . . . .99

Managing your keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99

The PGPkeys window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

PGPkeys attribute definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

Examining a key’s properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

General Key Properties panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

Subkey properties window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105

Designated revoker window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106

Specifying a default key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

Verifying someone’s public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Signing someone’s public key . . . . . . . . . . . . . . . . . . . . . . . . . . . .110

Granting trust for key validations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

Disabling and enabling keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Importing and Exporting Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114

Revoking a key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

Appointing a designated revoker . . . . . . . . . . . . . . . . . . . . . . . . . .116

Setting PGP options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116

Setting general options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117

Setting file options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119

Setting emailoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

Setting HotKey preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122

User’s Guide vii

Table of Contents

Setting server options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124

Setting CA options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Setting advanced options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Chapter 7. PGPnet Virtual Private Networking . . . . . . . . . . . . . . . . . . .129

What is a VPN? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129

How does a VPN work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

What do you need to protect? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

PGPnet features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131

What is PGPnet? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

What is a Security Association? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

PGPnet’s two modes: tunnel and transport . . . . . . . . . . . . . . . . . . . . . . . . . .133

What is tunnel mode? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

What is transport mode? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133

How does PGPnet communicate with secure and insecure hosts? . . . . . .133

How do you use PGPnet? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134

Changing Network Control Panel Settings . . . . . . . . . . . . . . . . . . . . . .135

Starting the PGPnet program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135

Selecting your authentication key or certificate . . . . . . . . . . . . . . . . . .136

The PGPnet window at a glance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137

Using PGPnet from PGPtray . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

PGPtray’s icon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

Turning PGPnet off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

Turning PGPnet on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140

Exiting PGPnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140

Using PGPnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140

Viewing the Status Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

Viewing the Log Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

Using the Hosts Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144

The Connect and Disconnect buttons . . . . . . . . . . . . . . . . . . . . . .145

Establishing an SA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Adding a host, subnet, or gateway . . . . . . . . . . . . . . . . . . . . . . . .148

Modifying a host, subnet, or gateway entry . . . . . . . . . . . . . . . . .155

Removing a host, subnet, or gateway entry . . . . . . . . . . . . . . . . .155

Requiring a host to present a specific key or certificate . . . . . . . . . . .155

viii PGP Freeware

Table of Cont ents

Viewing the General Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156

Expert Mode: Bypassing the wizard to add hosts, gateways, and subnets

157

Cache passphrases between logins . . . . . . . . . . . . . . . . . . . . . . .162

Setting key expiration values . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162

Authenticating a connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164

Advanced Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166

Allowed Remote Proposals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166

Proposals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169

Set Adapter: Changing your secure network interface . . . . . . . . . . . . . . . . .173

Appendix A. Troubleshooting PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . .177

Appendix B. Transferring Files Between the Mac OS and Windows . 181

Sending from the Mac OS to Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182

Receiving Windows files on the Mac OS . . . . . . . . . . . . . . . . . . . . . . . . . . . .183

Supported Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184

Appendix C. Phil Zimmermann on PGP . . . . . . . . . . . . . . . . . . . . . . . . .187

Why I wrote PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187

The PGP symmetric algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191

About PGP data compression routines . . . . . . . . . . . . . . . . . . . . . . . . .193

About the random numbers used as session keys . . . . . . . . . . . . . . .193

About the message digest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194

How to protect public keys from tampering . . . . . . . . . . . . . . . . . . . . .195

How does PGP keep track of which keys are valid? . . . . . . . . . . . . . . .198

How to protect private keys from disclosure . . . . . . . . . . . . . . . . . . . .200

What if you lose your private key? . . . . . . . . . . . . . . . . . . . . . . . .201

Beware of snake oil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201

Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .206

Compromised passphrase and private key . . . . . . . . . . . . . . . . . . . . . .206

Public key tampering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .206

Not quite deleted files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207

Viruses and Trojan horses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208

Swap files or virtual memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209

Physical security breach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210

User’s Guide ix

Table of Contents

Tempest attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210

Protecting against bogus timestamps . . . . . . . . . . . . . . . . . . . . . . . . . .210

Exposure on multi-user systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212

Traffic analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212

Cryptanalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212

Appendix D. Biometric Word Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215

Biometric Word Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215

Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

x PGP Freeware

Preface

Welcome to PGP! With PGP for Freeware, you can easily and securely protect
the privacy of your email messages and file attachments by encrypting them
so that only the intended recipients can read them. You can also digitally sign
messages and files, which ensures their authenticity. A signed messages
verifies that the information in it has not been tampered with in any way.

This guide describes how to use PGP
and Windows NT. PGP Freeware has many new features, which are described
in “What’s new in PGP version 6.5.1” on page 12.

If you are new to cryptography and would like an overview of the terminology
and concepts you will encounter while using PGP, see An Introduction to
Cryptography.

®

Freeware for Windows 95, Windows 98,

User’s Guide 11

Preface

What’s new in PGP version 6.5.1

This version of PGP includes these new features:

• PGPnet. PGPnet is a landmark product in the history of PGP. PGPnet

secures all TCP/IP communications between itself and any other machine
running PGPnet. It is also fully interoperable with the Gauntlet GVPN
firewall/gateway providing a complete solution for corporate remote
access VPNs using the industry standard IPSec (Internet Protocol Security)
and IKE (Internet Key Exchange) protocols. PGPnet has also been
successfully tested with Cisc o routers (requires Cisco IOS 12.0( 5) or later
with IPSec TripleDes Feature Pack), Linux FreeS/WAN 1.0, and many
others. Refer to Chapter 7, “P GPnet V irtual P rivate Networki ng,” for more
information and instruction s on using PGPnet.

• Self-Decrypting Archives. PGP can now encrypt files or folders into

Self-Decrypting Archives (SDA) which can be sent to users who do not
even have PGP. The archives are completely independent of any
application, and are compressed and protected by PGP's strong
cryptography. Automated Freespace Wiping. PGP's Freespace Wipe
feature now allows you to use the Windows Task Scheduler to schedule
periodic secure wiping of the freespace on your disk. This ensures that
previously deleted files are securely wiped.

• Hotkeys. The Use Current Window feature is significantly enhanced by the

addition of Hotkeys. You can now set hotkey combinations for the
Encrypt/Decrypt/Sign functions.

• Fingerprint word list. When verifying a PGP public key fingerprint, you

can now choose to view the fingerprint as a word list instead of
hexadecimal characters. The word list in the fingerprint text box is made up
of special authentication words that PGP uses and are carefully selected to
be phonetically distinct and easy to understand without phonetic
ambiguity.

• Smart Word Wrapping. The word wrapping in PGP now automatically

rewraps paragraphs and even quoted paragraphs resulting in much
cleaner signed messages.

How to contact Network Associates

Customer service

To order products or obtain product information, contact the Network
Associates Customer Care department at (408) 988-3832 or write to the
following address :

12 PGP Freeware

Network Associates, Inc.
McCandless Towers
3965 Freedom Circle
Santa Clara, CA 95054-1203
U.S.A.

Comments and feedback

Network Associates appreciates your comments and feedback, but incurs no
obligation to you for information you submit. Please address your comments
about PGP product documentation to: Network Associates, Inc., 3965
Freedom Circle Santa Clara, CA 95054-1203 U.S.A.. You can also e-mail
comments to tns_documentation@nai.com.

Year 2000 compliance

Information regarding NAI products that are Year 2000 compliant and its Year
2000 standards and testing models may be obtained from NAI’s Web site at
http://www.nai.com/y2k.

For further information, email y2k@nai.com.

Preface

Recommended Readings

Non-Technical and beginning technical books

• Whitfield Diffie and Susan Eva Landau, “Privacy on the Line,” MIT Press;
ISBN: 0262041677
This book is a discussion of the history and policy surrounding
cryptography and communications security. It is an excellent read, even for
beginners and non-technical people, but with information that even a lot of
experts don't know.

• David Kahn, “The Codebreakers” Scribner; ISBN: 0684831309
This book is a history of codes and code breakers from the time of the
Egyptians to the end of WWII. Kahn first wrote it in the sixties, and there is
a revised edition pu blished in 1996. This book won't teach you anything
about how cryptography is done, but it has been the inspiration of the
whole modern generation of cryptographers.

User’s Guide 13

Preface

• Charlie Kaufman, Radia Perlman, and Mike Spencer, “Network Security:
Private Communication in a Public World,” Prentice Hall; ISBN:
0-13-061 466-1
This is a good description of network security systems and protocols,
including descriptions of what works, what doesn't work, and why.
Published in 1995, so it doesn't have many of the latest advances, but is still
a good book. It also contains one of the most clear descriptions of how DES
works of any book written.

Intermediate books

• Bruce Schneier, “Applied Cryptography: Protocols, Algorithms, and
Source Code in C,” John Wiley & Sons; ISBN: 0-471-12845-7
This is a good beginning technical book on how a lot of cryptography
works. If you want to become an expert, this is the place to start.

• Alfred J. Menezes, Paul C. van Oorschot, and Scott Vanstone,
“Handbook of Applied Cryptography,” CRC Press; ISBN: 0-8493-8523-7
This is the technical book you should get after Schneier. There is a lot of
heavy-duty math in this book, but it is nonetheless usable for those who do
not understand the math.

• Richard E. Smith, “Internet Cryptography,” Addison-Wesley Pub Co;
ISBN: 020192480
This book describes how many Internet security protocols. Most
importantly, it describes how systems that are designed well nonetheless
end up with flaws through careless operation. This book is light on math,
and heavy on practical information.

14 PGP Freeware

• William R. Cheswick and Steven M. Bellovin, “F irewalls and Internet
Security: Repelling the Wily Hacker” Addison-Wesley Pub Co;
ISBN: 0201633574
This book is written by two senior researcher at AT&T Bell Labs, about
their experiences maintaining and redesigning A T&T's Internet
connection. Very readable.

Advanced books

• Neal Koblitz, “A Course in Number Theory and Cryptography”
Springer-Verlag; ISBN: 0-387-94293-9
An excellent graduate-level mathematics textbook on number theory and
cryptography.

• Eli Biham and Adi Shamir, “Differential Cryptanalysis of the Data
Encryption Standard,” Springer-Verlag; ISBN: 0-387-97930-1
This book describes the technique of differential cryptanalysis as applied to
DES. It is an excellent book for learning about this techni que.

1Installing PGP

This chapter describes how to install and run PGP Freeware Windows
software. This chapter also provides a quick overview of the procedures you
will normally follow in using the product.

Before you begin installing PGP be sure to review the system requirements
outlined below.

System requirements

To install PGP on a Windows 95, Widows 98, or Windows NT system, you
must have:

• Windows 95, Windows 98, or Windows NT 4.0 (Service Pack 3 or later)

•32 MB RAM

•16 MB Hard Disk Space

If you plan to run PGPnet on the system, you must also have:

•Microsoft TCP/IP

1

• A compatible LAN/WAN network adapter

• Windows 95b (OSR2) if you are installing on a Windows 95 system

User’s Guide 15

Installing PGP

Compatibility with other versions

PGP has gone through many revisions since it was released by Phil
Zimmermann as a freeware product in 1991. Although this version of PGP
represents a significant rewrite of the original program and incorporates a
completely new user interface, it has been designed to be compatible with
earlier versions of PGP. This means that you can excha nge secure email with
people who are still using these older versions of the product:

• PGP 2.6 (Distributed by MIT)

• PGP for Personal Privacy, Version 5.0 - 5.5

• PGP for Business Security or PGP for Email and Files Version 5.5

• PGP Desktop Security or PGP for Personal Privacy Version 6.0

NOTE: PGP desktop products that are version 5.0 and later may require



the RSA add-on for backward compatibility.

Upgrading from a prev ious version

If you are upgrading from a previous version of PGP (from PGP, Inc.,
Network Associates, Inc. or ViaCrypt), you may want to remove the old
program files before installing PGP to free up some disk space. However, you
should be careful not to delete the private and public keyring files used to store
any keys you have created or collected while using the previous version.
When you install PGP, you are given the option of retaining your existing
private and public keyrings, so you don’t have to go to the trouble of
importing all of your old keys. To upgrade from a previous version, follow the
appropriate steps listed next.

16 PGP Freeware

To upgrade from PGP Version 2.6.2 or 2.7.1

1. Exit all programs or open applications.

2. Make backups of your old PGP keyrings on another volume. In PGP for
Windows versions 2.6.2 and 2.7.1, your public keys are stored in
“pubring.pgp” and your private keys are stored in “secring.pgp”. In
versions 5.x - 6.5, your public keys are stored in “pubring.pkr” and your
private keys are stored in “secring.skr”.

Installing PGP

Ð TIP: Make two separate backups of your keyrings onto two

different floppy disks just to be safe. Be especially careful not to lose
your private keyring; otherwise you will never be able to decrypt
any email messages or file attachments encrypted with the lost keys.
Store the keyrings in a secure place where only you ha ve access to
them.

3. When you have succes sf ully backed up your old keyrings, remove or
archive the (old) PGP software. You have two options here:

• Manually delete the entire old PGP folder and all of its contents; or

• Manually delete the old PG P program and archive the remaining

files, especially the configu ration and keyring files.

4. Install PGP version 6.5.1 using the provided installer.

5. Restart your computer.

To upgrade from PG P Ver sion 5. x

If you are upgrading from PGP version 4.x or 5.x, follow the installation
instructions outlined in “Installing PGP” below.

User’s Guide 17

Installing PGP

Installing PGP

You can install the PGP Freeware software from a CD-ROM or from
downloaded files. The self-extracting file, Setup.exe, automatically extracts
and steps you through the installation.After you install the software, you can
create your private and public key pair and begin using PGP. Refer to the
PGPWinUsersGuide.pdf file included with the program for instructions on
using PGP.

To install PGP Freeware for Windows systems, carefully follow the steps
outlined below.

To install PGP

1. Exit all programs currently running on your computer, then do one of the
following:

• To install from a CD-ROM, insert it into the CD-ROM drive.

The Setup program automatically starts. If, however, the Setup
program does not initiate, double-click Setup.exe in the PGP fo ld er
on the CD-ROM.

• To install from downloaded files, extract the compressed

installation files onto your computer.
Double-click on Setup.exe to start the installer.

2. The Setup program searches for open programs and prompts you to
close them.

If you have PGP version 4.x - 6.x currently installed , the PGP setup
program prompts you to uninstall the old PGP files. Click Yes to
automatically uninstall the old version. Your keyring files are saved in a
file named Old Keyrings.

You must reboot your computer after uninstallin g the files. Once your
computer reboots, the installer continues.

The PGP Installation screen appears.

3. Review the instructions in the PGP Welcome dialog box, then click Next.
The Network Associates license agreement appears.

4. Review the license agreement information, then click Yes to accept the
licensing terms.

18 PGP Freeware

Installing PGP

The Whatsnew.txt file appears listing the new features and other
important information regarding PGP version 6.5.1.

5. Review the Whatsnew.txt file, then click Next.

6. Register your product by enterin g yo ur name and in the User
Information dialog box.

7. Click Next.

8. Click Browse to navigate to a destination directory for your PGP files or
accept the default directory. Click Next to continue.

The Select Components dialog box appears, as shown in Figure 1-1.

Figure 1-1. PGP Select Components dialog box

9. Clear the components that you do not want to install. By default, each
option is selected. Your installation options are:

• PGP Key Management (required). This item installs the PGP

program. You must install the Key Management utilities.

• PGPnet. Select this option to install the PGPnet program. PGPnet, a

Virtual Private Network (VPN), is an easy-to-use encryption
application that allows you to communicate securely and
economically with other PGPnet users throughout the world.

• PGP Eudora Plug-in. Select this option if you want to integrate PGP

functionality with your Qualcomm Eudora email program. PGP
version 6.5.1 supports Eudora versions 3.05 and later.

User’s Guide 19

Installing PGP

• PGP Microsoft Exchange/Outlook Plug-in. Select this option if you

want to integrate PGP functionali ty with your Microsoft
Exchange/Outlook email program. PGP version 6.5.1 supports
Outlook 97 and 98.

• PGP Microsoft Outlook Express Plug-in. Select this option if you

want to integrate PGP functionality with your Microsoft Outlook
Express email program. PGP version 6.5.1 supports the version that
is included with Internet Explorer versions 4.x.

• PGP User’s Manual (Adobe Acrobat format). Select this option to

install the PGP User’s Guide.

• PGP CommandLine. Select this option if you want to install the

command line version of PGP for Wi n d ow s NT systems. This is for

use as a client only. Batch server processes require additional licensing.

10. Click Next.
A dialog box appears, alerting you that the installer is ready to copy files.

11. Review the installation settings, then click Next.
The PGP files are copied to the computer.

12. If you have keyrings on your computer from a previous version of PGP,
click Yes to use your exis ting keyrings.

A browse dialog box appears. Browse to locat e y our public keyring,
Pubring.pkr, and your private keyring, Secring.skr.

If you do not have keyrings on your computer, click No. When you first
open the PGPkeys application, you are prompted to create a keypair.

13. If you chose to install the PGPnet application, the PGPnet Network
Adapter List appears listing the network adapters found on your system,
as shown in Figure 1-2.

Figure 1-2. PGPnet Network Adapter List

20 PGP Freeware

Installing PGP

If you want to communicate securely over a modem, select yo ur WAN
adapter (for example, Remote Access WAN Wrapper or dialup adapter).
If you want to communicate securely over an Ethernet connection, select
your LAN adapter (for example, 3COM Megahertz LAN PC Card).
When you have made your selection, click OK.

NOTE: On Windows 98 computers, WAN is listed as “Dialup



Adapter” instead of “Remote WAN Wrapper.”

The installation program binds the PGPnet driver to the adapter you
selected and configures your computer to use the PGPnet application.

14. If you want to restart your computer automatically, select Yes, I want to
restart my computer now.

15. Click Finish to complete the PGP installation and reboot your computer.

NOTE: You must reboot your computer if you install PGPnet.



That’s it! PGP is installed on your computer.

User’s Guide 21

Installing PGP

22 PGP Freeware

2Using PGP

PGP is based on a widely accepted encryption technology known as public key
cryptography in which two complementary keys, called a key pair, are used to

maintain secure communications. One of the keys is designated as a private key
to which only you have access and the other is a public key which you freely
exchange with other PGP users. Both your private and your public keys are
stored in keyring files, which are accessible from the PGPkeys window. It is
from this window that yo u perform all your key management func tions.

This section takes a quick look at the procedures you normally follow in the
course of using PGP. For details concerning any of these procedures, refer to
the appropriate chapters in this book. For a comprehensive overview of PGP
encryption technology, refer to “An Introduction to Cryptography,” which is
included with the product.

Basic steps for using PGP

1. In stall PG P on your computer. Refer to Chapter 1, “Installing PGP” for

complete installation instru ctions.

2. Create a private and public key pair.

2

Before you can begin using PGP, you need to gen erate a key pair. A PGP
key pair is composed of a private key to which only you have access and a
public key that you can copy and make f reel y available to everyone with
whom you exchange information.

You have the option of creating a new key pair immediately after you have
finished the PGP installation procedure, or you can do so at any time by
opening the PGPkeys application.

For more information about creating a private and public key pair, refer to

“Making a key pair” on page 36.

3. Exchange public keys with others.
After you have created a key pair, you can begin corresponding with other

PGP users. You will need a copy of their public key and they will need
yours. Your public key is just a block of text, so it’s quite easy to trade keys
with someone. You can include your public key in an email message, copy
it to a file, or post it on a public or corporate key server where anyone can
get a copy when they need it.

User’s Guide 23

Using PGP

For more information about exchanging public keys, refer to “Distributing

your public key” on page 60 and “Obtaining the public keys of others” on
page 64.

4. Validate public keys.
Once you have a copy of someone’s publ ic key, you can add it to your

public keyring. You should then check to make sure that the key has not
been tampered with and that it really belongs to the purported owner. You
do this by comparing the unique fingerprint on your copy of someone’s
public key to the fingerprint on that person’s orig inal key. When you are
sure that you have a valid public key, you sign it to indicate that you feel
the key is safe to use. In addition, you can grant the owner of the key a level
of trust indicating how much confidence you have in that person to vouch
for the authenticity of someone else’s public key.

For more information about valida ting your keys, refer to “Verifying the

authenticity of a key” on page 68.

5. Encrypt and sign your email and fi les.
After you have generated your key pair and have exchanged public keys,

you can begin encrypting and signing email messages and files.
PGP works on the data generated by other applications. Therefore the

appropriate PGP functions are designed to be immediately available to you
based on the task you are performing at any given moment. There are
several ways to encrypt and sign with PGP:

• From the System tray (PGPtray). PGPtray includes utilities to

perform cryptographic tasks on data on the Clipboard or in the
current window. See “Using PGPtray” on page 29.

• From within supported email applications (PGP email plug-ins).

The plug-ins enable you to secure your email from within the
supported email application. See “Using PGP within supported

email applications” on page 32.

• From PGPtools. PGPtools enables you to perform cryptogr aphic

tasks within applications not supported by plug-ins, plu s othe r
security tasks, such as wiping files from your disk. See “Using

PGPtools” on page 31.

• From the Windows Explorer File menu. You can encrypt and sign

or decrypt and verify files such as word processing documents,
spreadsheets and video clips directly from the Windows Explorer.
See “Using PGP from Windows Explorer” on page 31.

24 PGP Freeware

For more information about encrypting email, refer to “Encrypting and

signing email” on page 71. For more informatio n about decrypting files,

refer to “Using PGP to encrypt and decrypt f iles” on page 83.

6. Decrypt and verify your email and files.
When someone sends you encrypted data, you can unscramble the

contents and verify any appended signature to make sure that the data
originated with the alleged sender and that it has not been altered.

• If you are using an email application that is supported by the
plug-ins, you can decrypt and verify your messages by selecting the
appropriate options from your applicat ion’s tool bar.

• If your email application is not supported by the plug-ins, you can
copy the message to the clipboard and perform the appropriate
functions from there. If you want to decrypt and verify files, you can
do so from the Clipboard, Windows Explorer, or by using PGPtools.
You can also decrypt encrypted files stored on your computer, and
verify signed files to ensure that they have not been tampered with.

For more information about securing email, refer to “Decrypting and

verifying email” on page 79. For more information about securing files,

refer to “Using PGP to encrypt and decrypt f iles” on page 83.

Using PGP

7. Wipe files.
When you need to permanently delete a file, you can use the Wipe feature

to ensure that the file is unrecoverable. The file is immediately overwritten
so that it cannot be retrieved using disk recovery software.

For more information about wiping files, refer to “Using PGP Wipe to

delete files” on page 93.

User’s Guide 25

Using PGP

Using PGPkeys

When you choose PGPkeys from PGPtray, the PGPkeys window opens
(Figure 2-1) showing the private and publi c ke y pairs you have created for
yourself as well as any public keys of other users that you have added to your
public keyring.

26 PGP Freeware

Figure 2-1. PGPkeys

(If you have not already created a new key pair, the PGP Key Generation
Wizard leads you through the necessary steps. However, before going
through the process of creating a new key pair, you should see Chapter 3,

“Making and Exchan ging Keys,” for complete details about the various

options.)
From the PGPkeys window you can create new key pairs and manage all of

your other keys. For instance, this is where you examine the attributes
associated with a particular key, sp eci fy how confident you are that the key
actually belongs to the alleged owner, and indicate how well you trust the
owner of the key to vouch for the authenticity of other users’ keys. For a
complete explanation of the key management functions you perform from the
PGPkeys window, see Chapter 6.

PGPkeys icon definitions

PGPkeys menu bar icons

The following table shows all of the icons used in the PGPkeys menu bar,
along with a description of their functions .

Icon Function

Launches the Key Generation Wizard. Click this button to create a
new key pair.

Revokes the currently selected key or signature. Click this button to
disable a key or revoke a signature. Revoking a key will prevent
anyone from encrypting data to it.

Allows you to sign the curren tly selec ted key. By si gning the ke y, you
are certifying that the key and user ID belong to the identified user.

Deletes the currently selected item. Click this button to remove a
key, signature, or photographic ID.

Using PGP

Table 2-1. PGPkeys menu bar icons

Opens the Key Search window which allows you to search for keys
on local keyrings and remote servers.

Sends the currently selected key to the server. Click this button to
upload your key to the Certificate or domain server.

Updates the currently selected key from a Certificate or domain
server. Click this button to import keys from a Certificate or domain
server to your keyring.

Displays the Properties dialog box for the currently selected key.
Click this button to view the General and Subkey properties for a
key.

Allows you to import keys from file on to your keyring.

Allows you to export the selected key to a file.

User’s Guide 27

Using PGP

PGPkeys window icons

The following table shows all of the mini-icons used in the PGPkeys window,
along with a description of what they represent.

Table 2-2. PGPkeys window icons

Icon Description

A gold key and user represents your Diffie-Hellman/DSS key pair,
which consists of your private key and your public key.

A single gold key represents a Diffie-Hellman/DSS public key.

A gray key and user represen ts you r RSA ke y pair, wh ich c onsists of
your private key and your public key.

A single gray key represents an RSA public key.

When a key or key pair is dimmed, the keys are temporarily
unavailable for encrypting and signing. You can disable a key from
the PGPkeys window, which prevents seldom-used keys from
cluttering up the Key Selection dialog box.

This icon indicates that a photographic user ID accompanies the
public key.

A key with a red X indicates that the key has been revoked. Users
revoke their keys when they are no longer valid or have been
compromised in some way.

A key with a clock indicates that the key has expired. A key’s
expiration date is established when the key is created.

An envelope represents the owner of the key and lists the user
names and email addresses associated with the key.

A gray circle indicates that the key is invalid.

A green circle indicates tha t the y key is val id. An add itiona l red circ le
in the ADK column indicates that the key has an associated
Additional Decryption Key; an additional gray circle in the ADK
column indicates tha t the key does n ot have an a ssociated Additi onal
Decryption Key.

A green circle and user indicates that you own the key, and that it is
implicitly trusted.

28 PGP Freeware

Using PGP

Table 2-2. PGPkeys window icons

A pencil or fountain pen indicates the signatures of the PGP users
who have vouched for the authenticity of the key.

- A signature with a red X through it indicates a revoked signature.

- A signature with a dimmed pencil icon indicates a bad or invalid
signature.

- A signature with a blue arrow next to it indicates that it is
exportable.

A certificate represents an X.509 certificate, a recognized electronic
document used to prove identity and public key ownership over a
communication network.

A clock indicates an expired X.509 certificate.
A red X indicates a revoked X.509 certificate.

An empty bar indicates an invalid key or an untrusted user.

A half-filled bar indicates a marginally valid key or marginally trusted
user.

A striped bar indicates a valid key that you own and is implicitly
trusted, regardless of the signatures on the key.

Using PGPtray

You can access many of the main PGP functions by clicking the lock icon ( )
which is normally located in the System tray, and then choosing the

appropriate menu item. (If you can’t find this icon in your System tray, run
PGPtray from the Start menu.)This feature provides immediate access to the
PGP functions regardless of which application you are using and is especially
useful if you are using an email application th at is not supported by the PGP
plug-ins.

NOTE: If you installed PGPnet, this icon will appear in your System



tray instead of the lock icon. The look of the PGPtray icon tells you if
PGPnet is off or not installed (gray lock), installed (yellow lock on a
network), or installed but not working (yellow lock on a network with a
red X).

A full bar indicates a completely valid key or a completely trusted
user.

User’s Guide 29

Using PGP

Performing PGP func tions from the Clipbo ard or Current Window

If you are using an email application that is not supported by the PGP
plug-ins, or if you are working with text generated by some other application,
you can perform your encryption/decryption and signature/verification
functions via the Windows Clipboard or within the current application
window.

Via the Windows Clipboard

For instance, to encrypt or sign text, you copy it from your application to the
Clipboard (
then paste (
intended recipients. When you receive an encrypted or signed email message,
you simply reverse the process and copy the encrypted text, known as
ciphertext from your a pplication to the Clipboard, decrypt and verify the
information, and then view the contents. After you view the decrypted
message, you can decide whether to save the information or retain it in its
encrypted form.

Within the Current Window

CTRL +C), encrypt and sign it using the appropriate PGP functions,

CTRL +V) it back into your application before sending it to the

You can perform the same cryptographic tasks using the Current Window
menu item, which copies the text in the current window to the Clipboard and
then performs the selected task.

Figure 2-2. PGPtray’s Current Window feature

30 PGP Freeware