PGP Desktop User's Guide

PGP® Desktop for Windows
User's Guide
Version Information
PGP Desktop for Windows User's Guide. PGP Desktop Version 10.0.3. Released October 2010.
Copyright Information
Copyright © 1991-2010 by PGP Corporation. All Rights Reserved. No part of this document can be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of PGP Corporation.
Trademark Information
Licensing and Patent Information
The IDEA cryptographic cipher described in U.S. patent number 5,214,703 is licensed from Ascom Tech AG. The CAST-128 encryption algorithm, implemented from RFC 2144, is available worldwide on a royalty-free basis for commercial and non-commercial uses. PGP Corporation has secured a license to the patent rights contained in the patent application Serial Number 10/655,563 by The Regents of the University of California, entitled Block Cipher Mode of Operation for Constructing a Wide-blocksize block Cipher from a Conventional Block Cipher. Some third-party software included in PGP Universal Server is licensed under the GNU General Public License (GPL). PGP Universal Server as a whole is not licensed under the GPL. If you would like a copy of the source code for the GPL software included in PGP Universal Server, contact PGP Support (https://support.pgp.com). PGP Corporation may have patents and/or pending patent applications covering subject matter in this software or its documentation; the furnishing of this software or documentation does not give you any license to these patents.
Acknowledgments
This product includes or may include:
-- The Zip and ZLib compression code, created by Mark Adler and Jean-Loup Gailly, is used with permission from the free Info-ZIP implementation, developed by zlib (http://www.zlib.net).
-- Libxml2, the XML C parser and toolkit developed for the Gnome project and distributed and copyrighted under the MIT License found at http://www.opensource.org/licenses/mit-license.html. Copyright © 2007 by the Open Source Initiative.
-- bzip2 1.0, a freely available high-quality data compressor, is copyrighted by Julian Seward, © 1996-2005.
-- Application server (http://jakarta.apache.org/), web server (http://www.apache.org/), Jakarta Commons (http://jakarta.apache.org/commons/license.html) and log4j, a Java-based library used to parse HTML, developed by the Apache Software Foundation. The license is at www.apache.org/licenses/LICENSE-2.0.txt.
-- Castor, an open-source, data-binding framework for moving data from XML to Java programming language objects and from Java to databases, is released by the ExoLab Group under an Apache 2.0-style license, available at http://www.castor.org/license.html.
-- Xalan, an open-source software library from the Apache Software Foundation that implements the XSLT XML transformation language and the XPath XML query language, is released under the Apache Software License, version 1.1, available at http://xml.apache.org/xalan-j/#license1.1.
-- Apache Axis, an implementation of the SOAP ("Simple Object Access Protocol") used for communications between various PGP products, is provided under the Apache license found at http://www.apache.org/licenses/LICENSE-2.0.txt.
-- mx4j, an open-source implementation of the Java Management Extensions (JMX), is released under an Apache-style license, available at http://mx4j.sourceforge.net/docs/ch01s06.html.
-- jpeglib version 6a is based in part on the work of the Independent JPEG Group (http://www.ijg.org/).
-- libxslt, the XSLT C library developed for the GNOME project and used for XML transformations, is distributed under the MIT License http://www.opensource.org/licenses/mit-license.html.
-- PCRE version 4.5 Perl regular expression compiler, copyrighted and distributed by University of Cambridge. © 1997-2006. The license agreement is at http://www.pcre.org/license.txt.
-- BIND Balanced Binary Tree Library and Domain Name System (DNS) protocols developed and copyrighted by Internet Systems Consortium, Inc. (http://www.isc.org).
-- Free BSD implementation of daemon developed by The FreeBSD Project, © 1994-2006.
-- Simple Network Management Protocol Library developed and copyrighted by Carnegie Mellon University © 1989, 1991, 1992, Networks Associates Technology, Inc, © 2001-2003, Cambridge Broadband Ltd. © 2001-2003, Sun Microsystems, Inc., © 2003, Sparta, Inc, © 2003-2006, Cisco, Inc and Information Network Center of Beijing University of Posts and Telecommunications, © 2004. The license agreement for these is at http://net-snmp.sourceforge.net/about/license.html.
-- NTP version 4.2 developed by Network Time Protocol and copyrighted to various contributors.
-- Lightweight Directory Access Protocol developed and copyrighted by OpenLDAP Foundation. OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol (LDAP). Copyright © 1999-2003, The OpenLDAP Foundation. The license agreement is at http://www.openldap.org/software/release/license.html.
-- Secure shell OpenSSH version 4.2.1 developed by OpenBSD project is released by the OpenBSD Project under a BSD-style license, available at http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/LICENCE?rev=HEAD.
-- PC/SC Lite, a free implementation of PC/SC, a specification for SmartCard integration, is released under the BSD license.
-- Postfix, an open source mail transfer agent (MTA), is released under the IBM Public License 1.0, available at http://www.opensource.org/licenses/ibmpl.php.
-- PostgreSQL, a free software object-relational database management system, is released under a BSD-style license, available at http://www.postgresql.org/about/licence.
-- PostgreSQL JDBC driver, a free Java program used to connect to a PostgreSQL database using standard, database independent Java code, (c) 1997-2005, PostgreSQL Global Development Group, is released under a BSD-style license, available at http://jdbc.postgresql.org/license.html.
-- PostgreSQL Regular Expression Library, a free software object-relational database management system, is released under a BSD-style license, available at http://www.postgresql.org/about/licence.
-- vixie-cron is the Vixie version of cron, a standard UNIX daemon that runs specified programs at scheduled times. Copyright © 1993, 1994 by Paul Vixie; used by permission.
-- JacORB, a Java object used to facilitate communication between processes written in Java and the data layer, is open source licensed under the GNU Library General Public License (LGPL) available at http://www.jacorb.org/lgpl.html. Copyright © 2006 The JacORB Project.
-- TAO (The ACE ORB) is an open-source implementation of a CORBA Object Request Broker (ORB), and is used for communication between processes written in C/C++ and the data layer. Copyright (c) 1993-2006 by Douglas C. Schmidt and his research group at Washington University, University of California, Irvine, and Vanderbilt University. The open source software license is available at http://www.cs.wustl.edu/~schmidt/ACE-copying.html.
-- libcURL, a library for downloading files via common network services, is open source software provided under a MIT/X derivative license available at http://curl.haxx.se/docs/copyright.html. Copyright (c) 1996-2007, Daniel Stenberg.
-- libuuid, a library used to generate unique identifiers, is released under a BSD-style license, available at http://thunk.org/hg/e2fsprogs/?file/fe55db3e508c/lib/uuid/COPYING. Copyright (C) 1996, 1997 Theodore Ts'o.
-- libpopt, a library that parses command line options, is released under the terms of the GNU Free Documentation License available at http://directory.fsf.org/libs/COPYING.DOC. Copyright © 2000-2003 Free Software Foundation, Inc.
-- gSOAP, a development tool for Windows clients to communicate with the Intel Corporation AMT chipset on a motherboard, is distributed under the GNU Public License, available at http://www.cs.fsu.edu/~engelen/soaplicense.html.
-- Windows Template Library (WTL) is used for developing user interface components and is distributed under the Common Public License v1.0 found at http://opensource.org/licenses/cpl1.0.php.
-- The Perl Kit provides several independent utilities used to automate a variety of maintenance functions and is provided under the Perl Artistic License, found at http://www.perl.com/pub/a/language/misc/Artistic.html.
-- rEFIt - libeg, provides a graphical interface library for EFI, including image rendering, text rendering, and alpha blending, and is distributed under the license found at http://refit.svn.sourceforge.net/viewvc/*checkout*/refit/trunk/refit/LICENSE.txt?revision=288. Copyright (c) 2006 Christoph Pfisterer. All rights reserved.
-- Java Radius Client, used to authenticate PGP Universal Web Messenger users via Radius, is distributed under the Lesser General Public License (LGPL) found at http://www.gnu.org/licenses/lgpl.html.
-- Yahoo! User Interface (YUI) library version 2.5.2, a Web UI interface library for AJAX. Copyright (c) 2009, Yahoo! Inc. All rights reserved. Released under a BSD-style license, available at http://developer.yahoo.com/yui/license.html.
-- JSON-lib version 2.2.1, a Java library used to convert Java objects to JSON (JavaScript Object Notation) objects for AJAX. Distributed under the Apache 2.0 license, available at http://json-lib.sourceforge.net/license.html.
-- EZMorph, used by JSON-lib, is distributed under the Apache 2.0 license, available at http://ezmorph.sourceforge.net/license.html.
-- Apache Commons Lang, used by JSON-lib, is distributed under the Apache 2.0 license, available at http://commons.apache.org/license.html.
-- Apache Commons BeanUtils, used by JSON-lib, is distributed under the Apache 2.0 license, available at http://commons.apache.org/license.html.
Export Information
Export of this software and documentation may be subject to compliance with the rules and regulations promulgated from time to time by the Bureau of Export Administration, United States Department of Commerce, which restricts the export and re-export of certain products and technical data.
Limitations
The software provided with this documentation is licensed to you for your individual use under the terms of the End User License Agreement provided with the software. The information in this document is subject to change without notice. PGP Corporation does not warrant that the information meets your requirements or that the information is free of errors. The information may include technical inaccuracies or typographical errors. Changes may be made to the information and incorporated in new editions of this document, if and when made available by PGP Corporation.
Contents
About PGP Desktop 10.0 for Windows
What's New in PGP Desktop for Windows Version 10.0 1
What's New in PGP Desktop 10.0 2
Using this Guide 4
“Managed” versus “Unmanaged” Users 5
Conventions Used in This Guide 6
Who Should Read This Document 6
About PGP Desktop Licensing 6
Licensing PGP Desktop for Windows 7
Checking License Details 7
If Your License has Expired 9
Getting Assistance 10
Getting product information 10
Contact Information 11
PGP Desktop Basics 13
PGP Desktop Terminology 13
PGP Product Components 13
Terms Used in PGP Desktop 14
Conventional and Public Key Cryptography 16
Learning More About Cryptography 17
Using PGP Desktop for the First Time 17
Installing PGP Desktop 21
Before You Install 21
System Requirements 21
Citrix and Terminal Services Compatibility 22
Installing and Configuring PGP Desktop 22
Installing the Software 23
Upgrading the Software 23
Licensing PGP Desktop 25
Running the Setup Assistant 25
Uninstalling PGP Desktop 26
Moving Your PGP Desktop Installation From One Computer to Another 26
The PGP Desktop User Interface 29
Accessing PGP Desktop Features 29
The PGP Desktop Main Screen 30
Using the PGP Tray Icon 31
Using Shortcut Menus in Windows Explorer 33
i
PGP® Desktop for Windows Contents
Using the Start Menu 34
PGP Desktop Notifier alerts 34
PGP Desktop Notifier for Messaging 34
PGP Desktop Notifier for Disk features 37
Enabling or Disabling Notifiers 38
Viewing the PGP Log 39
Working with PGP Keys 41
Viewing Keys 41
Creating a Keypair 42
Passwords and Passphrases 44
Protecting Your Private Key 45
Protecting Keys and Keyrings 46
Backing up Your Private Key 46
What if You Lose Your Key? 47
Distributing Your Public Key 47
Placing Your Public Key on a Keyserver 48
Including Your Public Key in an Email Message 49
Exporting Your Public Key to a File 49
Copying from a Smart Card Directly to Someone’s Keyring 50
Getting the Public Keys of Others 50
Getting Public Keys from a Keyserver 51
Getting Public Keys from Email Messages 52
Working with Keyservers 52
Using Master Keys 53
Adding Keys to the Master Key List 54
Deleting Keys from the Master Key List 54
Managing PGP Keys 55
Examining and Setting Key Properties 55
Working With Photographic IDs 57
Managing User Names and Email Addresses on a Key 57
Importing Keys and X.509 Certificates 59
Using the Import Certificate Assistant 59
Changing Your Passphrase 61
Deleting Keys, User IDs, and Signatures 62
Disabling and Enabling Public Keys 62
Verifying a Public Key 63
Signing a Public Key 64
Revoking Your Signature from a Public Key 65
Granting Trust for Key Validations 66
Working with Subkeys 67
Using Separate Subkeys 68
Viewing Subkeys 69
Creating New Subkeys 70
Specifying Key Usage for Subkeys 70
Revoking Subkeys 72
Removing Subkeys 72
Working with ADKs 72
Adding an ADK to a Keypair 73
Updating an ADK 73
Removing an ADK 73
Working with Revokers 74
Appointing a Designated Revoker 74
Revoking a Key 75
Splitting and Rejoining Keys 75
Creating a Split Key 75
Rejoining Split Keys 76
If You Lost Your Key or Passphrase 78
Reconstructing Keys with PGP Universal Server 79
Creating Key Reconstruction Data 79
Reconstructing Your Key if You Lost Your Key or Passphrase 81
Protecting Your Keys 83
Securing Email Messages 85
How PGP Desktop Secures Email Messages 85
Incoming Messages 86
Outgoing Messages 88
Sending MAPI Email with Microsoft Outlook 88
Using the Sign and Encrypt Buttons in Microsoft Outlook 89
Using Offline Policy 90
Services and Policies 91
Viewing Services and Policies 92
Creating a New Messaging Service 94
Editing Messaging Service Properties 97
Disabling or Enabling a Service 98
Deleting a Service 98
Multiple Services 99
Troubleshooting PGP Messaging Services 99
Creating a New Security Policy 101
Regular Expressions in Policies 106
Security Policy Information and Examples 108
Working with the Security Policy List 112
Editing a Security Policy 112
Editing a Mailing List Policy 113
Deleting a Security Policy 117
Changing the Order of Policies in the List 118
PGP Desktop and SSL 118
Key Modes 120
Determining Key Mode 121
Changing Key Mode 122
Viewing the PGP Log 123
Securing Instant Messaging 125
About PGP Desktop’s Instant Messaging Compatibility 125
Instant Messaging Client Compatibility 126
About the Keys Used for Encryption 127
Encrypting your IM Sessions 127
Viewing Email with PGP Viewer 129
Overview of PGP Viewer 129
Compatible Email Clients 130
Opening an Encrypted Email Message or File 130
Copying Email Messages to Your Inbox 132
Exporting Email Messages 132
Specifying Additional Options 132
Specifying Options in PGP Viewer 133
Security Features in PGP Viewer 134
Protecting Disks with PGP Whole Disk Encryption 135
About PGP Whole Disk Encryption 136
How does PGP WDE Differ from PGP Virtual Disk? 137
Licensing PGP Whole Disk Encryption 137
License Expiration 138
Prepare Your Disk for Encryption 138
Supported Disk Types 139
Supported Keyboards 140
Ensure Disk Health Before Encryption 142
Calculate the Encryption Duration 143
Maintain Power Throughout Encryption 144
Run a Pilot Test to Ensure Software Compatibility 144
Determining the Authentication Method for the Disk 145
Passphrase and Single Sign-On Authentication 145
Public Key Authentication 146
Token-Based Authentication 146
Two-Factor Authentication Using a USB Flash Device 146
Trusted Platform Module (TPM) Authentication 147
Setting Encryption Options 148
Partition-Level Encryption 149
Preparing a Smart Card or Token to Use For Authentication 149
Using PGP Whole Disk Encryption Options 152
Encrypting a Disk or Partition 154
Supported Characters for PGP WDE Passphrases 155
Encrypting the Disk 156
Encountering Disk Errors During Encryption 159
Using a PGP WDE-Encrypted Disk 159
Authenticating at the PGP BootGuard Screen 160
Selecting Keyboard Layouts 163
Using PGP WDE Single Sign-On 165
Prerequisites for Using Single Sign-On 165
Encrypting the Disk to Use Single Sign-On 166
Multiple Users and Single Sign-On 166
Logging in with Single Sign-On 166
Changing Your Passphrase With Single Sign-On 167
Displaying the Windows Login dialog box 167
Maintaining the Security of Your Disk 168
Getting Disk or Partition Information 168
Using the Bypass Feature 169
Adding Other Users to an Encrypted Disk or Partition 169
Deleting Users From an Encrypted Disk or Partition 170
Changing User Passphrases 171
Re-Encrypting an Encrypted Disk or Partition 172
If you Forgot Your Passphrase 173
Backing Up and Restoring 175
Uninstalling PGP Desktop from Encrypted Disks or Partitions 175
Working with Removable Disks 175
Encrypting Removable Disks 176
Using Locked (Read-Only) Disks as Read-Only 177
Moving Removable Disks to Other Systems 177
Reformatting an Encrypted Removable Disk 178
Using PGP WDE in a PGP Universal Server-Managed Environment 178
PGP Whole Disk Encryption Administration 178
Creating a Recovery Token 180
Using a Recovery Token 180
Recovering Data From an Encrypted Drive 181
Creating and Using Recovery Disks 181
Decrypting a PGP WDE-Encrypted Disk 183
Special Security Precautions Taken by PGP Desktop 184
Passphrase Erasure 184
Virtual Memory Protection 185
Hibernation vs Standby 185
Memory Static Ion Migration Protection 185
Other Security Considerations 185
Using the Windows Preinstallation Environment 186
Using PGP Whole Disk Encryption with IBM Lenovo ThinkPad Systems 186
Using PGP Whole Disk Encryption with the Microsoft Windows XP Recovery Console 187
Using PGP Virtual Disks 189
About PGP Virtual Disks 190
Creating a New PGP Virtual Disk 191
Viewing the Properties of a PGP Virtual Disk 194
Finding PGP Virtual Disks 194
Using a Mounted PGP Virtual Disk 194
Mounting a PGP Virtual Disk 195
Unmounting a PGP Virtual Disk 195
Compacting a PGP Virtual Disk 196
Re-Encrypting PGP Virtual Disks 197
Working with Alternate Users 198
Adding Alternate User Accounts to a PGP Virtual Disk 198
Deleting Alternate User Accounts from a PGP Virtual Disk 198
Disabling and Enabling Alternate User Accounts 199
Changing Read/Write and Read-Only Status 200
Granting Administrator Status to an Alternate User 200
Changing User Passphrases 201
Deleting PGP Virtual Disks 201
Maintaining PGP Virtual Disks 202
Mounting PGP Virtual Disk Volumes on a Remote Server 202
Backing up PGP Virtual Disk Volumes 202
Exchanging PGP Virtual Disks 203
The PGP Virtual Disk Encryption Algorithms 203
Special Security Precautions Taken by PGP Virtual Disk 204
Passphrase Erasure 204
Virtual Memory Protection 205
Hibernation 205
Memory Static Ion Migration Protection 205
Other Security Considerations 206
Creating and Accessing Mobile Data with PGP Portable 207
Creating PGP Portable Disks 207
Creating a PGP Portable Disk from a Folder 208
Creating a PGP Portable Disk from a Removable USB Device 209
Creating Read/Write or Read-Only PGP Portable Disks 210
Accessing Data on a PGP Portable Disk 210
Changing the Passphrase for a PGP Portable Disk 211
Unmounting a PGP Portable Disk 212
Using PGP NetShare 215
About PGP NetShare 216
PGP NetShare Roles 218
Licensing PGP NetShare 218
Authorized User Keys 219
Establishing a PGP NetShare Admin (Owner) 219
"Blacklisted" and "Whitelisted" Files, Folders, and Applications 220
“Blacklisted” and Other Files You Cannot Protect 220
"Blacklisted" and "Whitelisted" Folders Specified by PGP Universal Server 221
Application-based Encryption and Decryption Bypass Lists 221
Working with Protected Folders 222
Choosing the Location for a Protected Folder 223
Creating a New PGP NetShare Protected Folder 224
Using Files in a PGP NetShare Protected Folder 227
Unlocking a Protected Folder 227
Determining the Files in a Protected Folder 228
Adding Subfolders to a Protected Folder 229
Checking Folder Status 229
Copying Protected Folders to Other Locations 230
Working with PGP NetShare Users 231
Adding a PGP NetShare User 231
Changing a User's Role 232
Deleting a User from a Protected Folder 233
Importing PGP NetShare Access Lists 234
Working with Active Directory Groups 235
Setting up PGP NetShare to Work with Groups 235
Refreshing Groups 236
Decrypting PGP NetShare-Protected Folders 236
Re-Encrypting a Folder 237
Clearing a Passphrase 238
Protecting Files Outside of a Protected Folder 238
Backing Up PGP NetShare-Protected Files 240
Accessing PGP NetShare Features using the Shortcut Menu 241
PGP NetShare in a PGP Universal Server-managed Environment 241
Accessing the Properties of a Protected File or Folder 243
Using the PGP NetShare Menus in PGP Desktop 244
The File Menu 244
The Edit Menu 244
The NetShare Menu 244
Using PGP Zip 247
Overview 247
Creating PGP Zip Archives 248
Encrypting to Recipient Keys 250
Encrypting with a Passphrase 252
Creating a PGP Self-Decrypting Archive (SDA) 254
Creating a Sign Only Archive 255
Opening a PGP Zip Archive 257
Opening a PGP Zip SDA 258
Editing a PGP Zip Archive 258
Verifying Signed PGP Zip Archives 260
Shredding Files with PGP Shredder 263
Using PGP Shredder to Permanently Delete Files and Folders 263
Shredding Files using the PGP Shredder Icon on Your Desktop 265
Shredding Files From Within PGP Desktop 265
Shredding Files in Windows Explorer 265
Using the PGP Shred Free Space Assistant 266
Scheduling Free Space Shredding 267
Storing Keys on Smart Cards and Tokens 269
About Smart Cards and Tokens 269
Compatible Smart Cards 271
Recognizing Smart Cards 272
Examining Smart Card Properties 273
Generating a PGP Keypair on a Smart Card 273
Copying your Public Key from a Smart Card to a Keyring 275
Copying a Keypair from Your Keyring to a Smart Card 275
Wiping Keys from Your Smart Card 277
Using Multiple Smart Cards 277
Special-Use Tokens 278
Configuring the Aladdin eToken 279
Setting PGP Desktop Options 281
Accessing the PGP Options dialog box 281
General Options 282
Keys Options 284
Master Keys Options 287
Messaging Options 287
Proxy Options 290
PGP NetShare Options 293
Disk Options 294
Notifier Options 297
Advanced Options 299
Working with Passwords and Passphrases 303
Choosing whether to use a password or passphrase 303
The Passphrase Quality Bar 304
Creating Strong Passphrases 305
What if You Forget Your Passphrase? 307
Using PGP Desktop with PGP Universal Server 309
Overview 309
For PGP Administrators 310
Manually binding to a PGP Universal Server 311
Using PGP Desktop with IBM Lotus Notes 313
About Lotus Notes and MAPI Compatibility 313
Using PGP Desktop with Lotus Notes 314
Sending email to recipients inside your Lotus Notes organization 314
Sending email to recipients outside your Lotus Notes organization 314
Binding to a PGP Universal Server 315
Pre-Binding 315
Manual Binding 315
Notes Addresses 316
Notes Client Settings 316
The Notes.ini Configuration File 317
Using Lotus Notes Native Encryption 317
Index 319
About PGP Desktop 10.0 for Windows
PGP Desktop is a security tool that uses cryptography to protect your data against unauthorized access.
PGP Desktop protects your data while being sent by email or by instant messaging (IM). It lets you encrypt your entire hard drive or hard drive partition (on Windows systems)—so everything is protected all the time—or just a portion of your hard drive, via a virtual disk on which you can securely store your most sensitive data. You can use it to share your files and folders securely with others over a network. It lets you put any combination of files and folders into an encrypted, compressed package for easy distribution or backup. Finally, use PGP Desktop to shred (securely delete) sensitive files—so that no one can retrieve them—and shred free space on your hard drive, so there are no unsecured remains of any files.
Use PGP Desktop to create PGP keypairs and manage both your personal keypairs and the public keys of others.
To make the most of PGP Desktop, you should be familiar with PGP Desktop Terminology (on page 13). You should also understand conventional and public-key cryptography, as described in Conventional and Public Key Cryptography (on page 16).
In This Chapter
What's New in PGP Desktop for Windows Version 10.0.......................... 1
Using this Guide......................................................................................... 4
Who Should Read This Document............................................................. 6
About PGP Desktop Licensing................................................................... 6
Getting Assistance................................................................................... 10

What's New in PGP Desktop for Windows Version 10.0

Building on PGP Corporation’s proven technology, PGP Desktop 10.0 for Windows includes numerous improvements and the following new and resolved features.
PGP® Desktop for Windows About PGP Desktop 10.0 for Windows

What's New in PGP Desktop 10.0

PGP Desktop Version 10.0.3
This release of PGP Desktop includes resolution for minor issues. No new features are included in this release.
PGP Desktop Version 10.0.0
General
Additional supported operating systems. PGP Desktop for Windows can now be installed on Windows 7.
New localized versions. PGP Desktop has been localized and can now be installed in French (France) and Spanish (Latin America).
Support for new smart cards. For both pre- and post-boot in PGP Desktop for Windows:
Axalto Cyberflex Access 32K V2 smart card
Giesecke and Devrient Sm@rtCafe Expert 3.2 personal identity verification cards
Oberthur ID-One Cosmo V5.2D personal identity verification cards
SafeNet iKey 2032 USB token
T-Systems Telesec NetKey 3.0 and TCOS 3.0 IEI cards
Redesigned interface. The main user application window in PGP Desktop for Windows has been redesigned.
PGP Universal Server connectivity. Increased resiliency of PGP Desktop when connectivity to the PGP Universal Server is dependent on a VPN connection or is otherwise intermittent.
PGP Keys
Enhanced Server Key Mode (SKM) keys. SKM keys now include the entire key on your keyring. In addition, SKM keys can now be used for encryption functions such as disk and file encryption and decryption, as well as decrypting MAPI email messages when you are offline.
Keyring location. In PGP Desktop for Windows, you can use environment variables to specify the location of your keyrings.
Key usage flags. Each subkey can now have its own key usage properties, so that one subkey could be used for PGP WDE only, and another could be used for all other PGP Desktop functions. Set the key usage of a key when you want to use a key for disk encryption only but you do not want to receive encrypted email using that key.
Universal Server Protocol (USP) key searches. The PGP Universal Services Protocol (USP) is a SOAP protocol operating over standard HTTP/HTTPS ports. This is now the default key lookup mechanism. If you are in a PGP Universal Server-managed environment, all key search requests as well as all other communications between the PGP Universal Server and PGP Desktop use PGP USP.
PGP Messaging
PGP Viewer. Use PGP Viewer to decrypt and view legacy IMAP/POP/SMTP email messages.
Lotus Notes. PGP Desktop now provides the ability to encrypt mail messages using Lotus Notes native encryption if PGP Desktop is configured to do so and the recipient is an internal Notes user.
Lotus Notes. PGP Desktop now provides the ability to encrypt Lotus Notes RTF-formatted email messages using PGP/MIME, S/MIME, or PGP Partitioned formats.
Lotus Notes. PGP annotations in messages now honor the regional settings for date and time stamp.
Microsoft Outlook buttons added. Buttons enable you to manually add encryption and/or your digital signature to your Outlook emails. This new feature provides compliance with digital signature laws that require showing intent to sign.
Offline policy enhancements. In a managed environment, mail policy is now enforced even if you are offline and not connected to the PGP Universal Server or if the server itself is offline.
PGP Portable
Previously available as a standalone option, PGP Portable is now included in PGP Desktop. PGP Portable Disks can be created on Windows systems. This functionality requires a separate license.
PGP Whole Disk Encryption
Additional smart card compatibility. New cards added for pre-boot authentication in PGP Whole Disk Encryption for Windows include Axalto Cyberflex Access 32K V2, Marx CrypToken USB token, SafeNet iKey 2032 USB token, and T-Systems T-Telesec NetKey smart card.
Personal Identity Verification (PIV) card support. Support has been added in PGP Whole Disk Encryption for Windows for users with Giesecke and Devrient Sm@rtCafe Expert 3.2 and Oberthur ID-One Cosmo V5.2D personal identity verification cards.
Additional Keyboard Compatibility (Windows). A total of 50 international language keyboards can now be used to log in at PGP BootGuard. For a list of all compatible keyboards, see the PGP Desktop for Windows User's Guide or online help.
Full disk encryption support on Linux. PGP WDE for Linux provides full disk encryption with pre-boot authentication on Ubuntu and Red Hat. For more information, see the PGP Whole Disk Encryption for Linux Command Line Guide.
Local self recovery. PGP Desktop for Windows now provides a way for you to access your encrypted drive from the PGP BootGuard screen if you have forgotten your passphrase. When configured, you won't have to contact your administrator for assistance.
Multi-user enhancements. In an environment where multiple users may access a group of computers, the PGP Universal Server administrator can define a PGP WDE Admin password. When you enter this password at the PGP BootGuard screen on a PGP Desktop for Windows system, you are prompted to enter your Windows passphrase and the disk is decrypted.
Force encryption enhancements. When your PGP Universal Server administrator changes policy to require that all disks be encrypted, the next time policy is downloaded to your system, the PGP WDE assistant is displayed so you can begin to encrypt your disk.
Additional token support for PGP BootGuard. The Marx CrypToken USB token can now be used at the PGP BootGuard for PGP Desktop for Windows.
Extended ASCII character support. Extended ASCII characters can now be used when creating PGP WDE users.
Kanji characters. Kanji characters are now displayed correctly in the PGP BootGuard screen.
Windows Server operating systems. PGP WDE can now be installed on Windows Server operating systems (Windows Server 2003 and Windows Server 2008). For additional system requirements and best practices information on using PGP WDE on Windows Server systems, see PGP KB article 1737 (http://support.pgp.com/?faq=1737).

Using this Guide

This Guide provides information on configuring and using the components within PGP Desktop. Each chapter of the guide is devoted to one of the components of PGP Desktop.

“Managed” versus “Unmanaged” Users

A PGP Universal Server can be used to control the policies and settings used by components of PGP Desktop. This is often the case in enterprises using PGP software. PGP Desktop users in this configuration are known as managed users, because the settings and policies available in their PGP Desktop software are pre-configured by a PGP administrator and managed using a PGP Universal Server. If you are part of a managed environment, your company may have specific usage requirements. For example, managed users may or may not be allowed to send plaintext email, or may be required to encrypt their disk with PGP Whole Disk Encryption.
Users not under the control of a PGP Universal Server are called unmanaged or standalone users.
This document describes how PGP Desktop works in both situations; however, managed users may discover while working with the product that some of the settings described in this document are not available in their environments. For more information, see Using PGP Desktop with PGP Universal Server (on page 309).
Note: References to PGP Universal Server-managed environments do not apply to the PGP Virtual Disk or PGP Virtual Disk Professional products.

Features Customized by Your PGP Universal Server Administrator

If you are using PGP Desktop as a "managed" user in a PGP Universal Server-managed environment, there are some settings that can be specified by your administrator. These settings may change the way features are displayed in PGP Desktop.
Disabled features. Your PGP Universal Server administrator can enable or disable specific functionality. For example, your administrator may disable the ability to create PGP Zip archives, or to create PGP NetShare protected folders (on Windows systems).
When a feature is disabled, the control item in the left side is not displayed and the menu for that feature is not available. The graphics included in this guide depict the default installation with all features enabled. The PGP Desktop interface may look different if your administrator has customized the features available.
Customized BootGuard. If you are using PGP Desktop in a PGP Universal Server-managed environment, your PGP administrator may have customized the PGP Whole Disk Encryption BootGuard screen to include additional text or a custom image such as your organization's logo. The graphics included in this guide depict the default installation. Your actual login screen may look different if your administrator has customized the screen.

Conventions Used in This Guide

Notes, Cautions, and Warnings are used in the following ways.
Notes: Notes are extra, but important, information. A Note calls your attention to important aspects of the product. You will be able to use the product better if you read the Notes.
Cautions: Cautions indicate the possibility of loss of data or a minor security breach. A Caution tells you about a situation where problems could occur unless precautions are taken. Pay attention to Cautions.
Warnings: Warnings indicate the possibility of significant data loss or a major security breach. A Warning means serious problems are going to happen unless you take the appropriate action. Please take Warnings very seriously.

Who Should Read This Document

This document is for anyone who is going to be using the PGP Desktop for Windows software to protect their data.
Note: If you are new to cryptography and would like an overview of the terminology and concepts in PGP Desktop, see An Introduction to Cryptography (it was installed onto your computer when you installed PGP Desktop).

About PGP Desktop Licensing

A license is used within the PGP software to enable the functionality you purchased, and sets the expiration of the software. Depending on the license you have, some or all of the PGP Desktop family of applications will be active. Once you have entered the license, you must then authorize the software with PGP Corporation, either manually or online.
There are three types of licenses:
Evaluation: This type of license is typically time-delimited and may not include all PGP Desktop functionality.
Subscription: This type of license is typically valid for a subscription period of one year. During the subscription period, you receive the current version of PGP software and all upgrades and updates released during this period.
Perpetual: This type of license allows you to use PGP Desktop indefinitely. With the addition of the annual Software Insurance policy, which must be renewed annually, you also receive all upgrades and updates released during the policy term.

Licensing PGP Desktop for Windows

To license PGP Desktop
Do one of the following:
If you are a managed user, you are most likely already using a licensed copy of PGP Desktop. Check your license details as described in Checking License Details (on page 7). If you have questions, please contact your PGP administrator.
If you are an unmanaged user, or a PGP administrator, check your license details as described in Checking License Details (on page 7). If you need to authorize your copy of PGP Desktop, do so as described in Authorizing PGP Desktop for Windows (on page 8).

Checking License Details

To see the details of your PGP Desktop license
1 Double-click the PGP Desktop icon in the system tray.
2 Select Help > License. The PGP Desktop License dialog box is displayed.
This dialog box displays the following details:
Item                  Description
License Type          The name of the licensed product.
License Seats         The number of seats available for this license.
License Expiration    The date when the license will expire.
Product Information   The components that are active in your license. Move your cursor over the product name to see information about the product and to find out if you are currently licensed to use it.
Note: If you do not authorize your copy of PGP Desktop, only limited features will be available to you (PGP Zip and Keys).
Authorizing PGP Desktop for Windows
If you need to change to a new license number, or if you skipped the license authorization process during configuration, follow these instructions to authorize your software.
Note: Make sure your Internet connection is active before proceeding. If you have no Internet connection, you must submit a request for a manual authorization.
Before you begin
If you purchased PGP Desktop, you received an email order confirmation with an attached .PDF file.
1 Make a note of the name, organization, and license number you received in the email order confirmation. These are shown in the section titled Important Note in the .PDF. You will need these details during the licensing process.
During configuration of your PGP Desktop software, you must type the name, organization, email address, and license number to authorize your copy of PGP Desktop with PGP Corporation's authorization server.
Note: Your license number also appears on the download page of your PGP product.
1 Double-click the PGP Desktop icon in the System Tray.
2 Select Help > License. The PGP Desktop License dialog box is displayed.
3 Click Change License. The PGP Licensing Assistant dialog box is displayed.
4 Type the Name and Organization exactly as specified in your PGP email order confirmation .PDF. These will be shown in the section titled Important Note in the .PDF. If the Important Note section does not exist in your .PDF, your first authorization attempt will set the name and organization permanently.
5 Type the email address you want to assign to the licensing of the product.
6 Type the email address again to confirm it.
Note: If you have previously authorized the same license number, you must enter the same Name, Organization, and Email Address as you did the previous time. If you enter different information, authorization will fail.
7 Click Next.
8 Do one of the following:
Type your 28-character license number in the provided fields (for example, DEMO1-DEMO2-DEMO3-DEMO4-DEMO5-ABC).
Note: To avoid typing errors and make the authorization easier, copy the entire license number, put the cursor in the first “License Number” field, and paste. Your license number will be correctly entered into all six “License Number” fields.
To request a one-time, 30-day evaluation of PGP Desktop, select Request a one-time 30 day Evaluation of PGP Desktop. When you purchase a license, you can enter it any time before the end of the 30-day evaluation period. If you don’t enter a valid license, PGP Desktop will revert to unlicensed functionality when the 30-day evaluation period is over.
To purchase a PGP Desktop license, select Purchase a license number now. A Web browser will open and take you to the online PGP Store.
To use PGP Desktop without a license, select Use without a license and disable most functionality. The only features of PGP Desktop you can use without a license are PGP Zip and Keys.
9 Click Next to authorize.
10 When PGP is authorized, the features enabled by your license will be displayed. Click Next, and then click Finish to complete the process.
Resolving License Authorization Errors
If you receive any error messages while authorizing your software, the ways to resolve the issue vary based on the error message. See the HOWTO: License PGP Desktop 9.x section in the PGP Support Portal (https://support.pgp.com) for suggestions.

If Your License has Expired

If your PGP Desktop license has expired, you will receive a PGP License Expiration message when you launch PGP Desktop. See the following sections for information on how an expired license affects the functionality of PGP Desktop.
PGP Desktop Email
Outgoing email messages are no longer sent encrypted.
PGP NetShare
PGP NetShare protected folders can be accessed; however, the protected files remain encrypted. (To view the encrypted files, manually decrypt the folders and files.)
New PGP NetShare protected folders cannot be created.
Files moved into a protected folder are not encrypted.
Keys cannot be added to or removed from PGP NetShare protected folders.
PGP Virtual Disk
PGP Virtual Disks are still accessible in Read-Only mode. Read-Only allows data to be copied from a PGP Virtual Disk; however, no data can be copied to a PGP Virtual Disk.
PGP Whole Disk Encryption
Any fixed disks that have been encrypted with PGP Desktop are automatically decrypted 90 days after the license expiration date.

Getting Assistance

For additional resources, see these sections.

Getting product information

Unless otherwise noted, online help is installed and is available within the PGP Desktop product. Release notes are also available, which may have last-minute information not found in the product documentation. The user's guide and quick start guides, provided as Adobe Acrobat PDF files, are available on the PGP Corporation Support Portal (https://support.pgp.com).
Once PGP Desktop is released, additional information regarding the product is entered into the online Knowledge Base available on the PGP Support Knowledge Base (https://support.pgp.com/?faq=589).

Contact Information

Contacting Technical Support
To learn about PGP support options and how to contact PGP Technical Support, please visit the PGP Corporation Support Home Page (https://support.pgp.com).
To access the PGP Support Knowledge Base or request PGP Technical Support, please visit the PGP Support Portal Web Site (https://support.pgp.com). Note that you may access portions of the PGP Support Knowledge Base without a support agreement; however, you must have a valid support agreement to request Technical Support.
To access the PGP Support forums, please visit PGP Support (http://forum.pgp.com). These are user community support forums hosted by PGP Corporation.
Contacting Customer Service
For help with orders, downloads, and licensing, please visit PGP Corporation Customer Service (https://pgp.custhelp.com/app/cshome).
Contacting Other Departments
For any other contacts at PGP Corporation, please visit the PGP Contacts Page (http://www.pgp.com/about_pgp_corporation/contact/index.html).
For general information about PGP Corporation, please visit the PGP Web Site (http://www.pgp.com).

PGP Desktop Basics

2
This section describes the PGP Desktop terminology and provides some high-level conceptual information on cryptography.
In This Chapter
PGP Desktop Terminology....................................................................... 13
Conventional and Public Key Cryptography ............................................. 16
Using PGP Desktop for the First Time..................................................... 17

PGP Desktop Terminology

To make the most of PGP Desktop, you should be familiar with the terms in the following sections.

PGP Product Components

PGP Desktop and its components are described in the following list. Depending on your license, you may not have all functionality available. For more information, see About PGP Desktop Licensing (see "Licensing PGP Desktop for Windows" on page 7).
PGP Desktop: A software tool that uses cryptography to protect your data against unauthorized access. PGP Desktop is available for Mac OS X and Windows.
PGP Messaging: A feature of PGP Desktop that automatically and transparently supports all of your email clients through policies you control. PGP Desktop accomplishes this using a new proxy technology; the older plug-in technology is also available. PGP Messaging also protects many IM clients, such as AIM and iChat (both users must have PGP Messaging enabled).
PGP Whole Disk Encryption: Whole Disk Encryption is a feature of PGP Desktop that encrypts your entire hard drive or partition (on Windows systems), including your boot record, thus protecting all your files when you are not using them. You can use PGP Whole Disk Encryption and PGP Virtual Disk volumes on the same system. On Windows systems, you can protect whole disk encrypted drives with a passphrase or with a keypair on a USB token for added security.
PGP NetShare: A feature of PGP Desktop for Windows with which you can securely and transparently share files and folders among selected individuals. PGP NetShare users can protect their files and folders simply by placing them within a folder that is designated as protected.
PGP Keys: A feature of PGP Desktop that gives you complete control over both your own PGP keys, and the keys of those persons with whom you are securely exchanging email messages.
PGP Virtual Disk volumes: PGP Virtual Disk volumes are a feature of PGP Desktop that let you use part of your hard drive space as an encrypted virtual disk. You can protect a PGP Virtual Disk volume with a key or a passphrase. You can even create additional users for a volume, so that people you authorize can also access the volume. The PGP Virtual Disk feature is especially useful on laptops, because if your computer is lost or stolen, the sensitive data stored on the PGP Virtual Disk is protected against unauthorized access.
PGP Shred: A feature of PGP Desktop that lets you securely delete data from your system. PGP Shred overwrites files so that even file recovery software cannot recover them.
PGP Viewer: Use PGP Viewer to decrypt, verify, and display messages outside the mail stream.
PGP Zip: A feature of PGP Desktop that lets you put any combination of files and folders into a single encrypted, compressed package for convenient transport or backup. You can encrypt a PGP Zip archive to a PGP key or to a passphrase.
PGP Universal: A tool for enterprises to automatically and transparently secure email messaging for their employees. If you are using PGP Desktop in a PGP Universal Server-managed environment, your messaging policies and other settings may be controlled by your organization’s PGP administrator.
PGP Global Directory: A free, public keyserver hosted by PGP Corporation. The PGP Global Directory provides quick and easy access to the universe of PGP keys. It uses next-generation keyserver technology that queries the email address on a key (to verify that the owner of the email address wants their key posted) and lets users manage their own keys. Using the PGP Global Directory significantly enhances your chances of finding a valid public key of someone to whom you want to send secured messages. PGP Desktop is designed to work closely with the PGP Global Directory.

Terms Used in PGP Desktop

Before you use PGP Desktop, you should be familiar with the following terms:
Decrypting: The process of taking encrypted (scrambled) data and making it meaningful again. When you receive data that has been encrypted by someone using your public key, you use your private key to decrypt the data.
Encrypting: The process of scrambling data so that if an unauthorized person gets access to it, they cannot do anything with it. The data is so scrambled, it’s meaningless.
Signing: The process of applying a digital signature to data using your private key. Because data signed by your private key can be verified only by your public key, the ability to verify signed data with your public key proves that your private key signed the data and thus proves the data is from you.
Verifying: The process of proving that the private key was used to digitally sign data by using that person’s public key. Because data signed by a private key can only be verified by the corresponding public key, the fact that a particular public key can verify signed data proves the signer was the holder of the private key.
Keypair: A private key/public key combination. When you create a PGP “key”, you are actually creating a keypair. As your keypair includes your name and your email address, in addition to your private and public keys, it might be more helpful to think of your keypair as your digital ID—it identifies you in the digital world as your driver’s license or passport identifies you in the physical world.
Private key: The key you keep very, very private. Only your private key can decrypt data that was encrypted using your public key. Also, only your private key can create a digital signature that your public key can verify.
Caution: Do not give your private key, or its passphrase, to anyone! And keep your private key safe.
Public key: The key you distribute to others so that they can send protected messages to you (messages that can only be decrypted by your private key) and so they can verify your digital signature. Public keys are meant to be widely distributed.
Your public and private keys are mathematically related, but there’s no way to figure out your private key if someone has your public key.
Keyserver: A repository for keys. Some companies host keyservers for the public keys of their employees, so other employees can find their public keys and send them protected messages. The PGP Global Directory (https://keyserver.pgp.com) is a free, public keyserver hosted by PGP Corporation.
Smart cards and tokens: Smart cards and tokens are portable devices on which you can create your PGP keypair or copy your PGP keypair. Creating your PGP keypair on a smart card or token adds security by requiring possession of the smart card or token in order to encrypt, sign, decrypt, or verify. So even if an unauthorized person gains access to your computer, your encrypted data is secure because your PGP keypair is with you on your smart card or token. Copying your PGP keypair to a smart card or token is a good way to use it away from your main system, back it up, and distribute your public key. Smart cards and tokens are not available for key storage when used with PGP Desktop for Mac OS X.

Conventional and Public Key Cryptography

Conventional cryptography uses the same passphrase to encrypt and decrypt data. Conventional cryptography is great for data that isn’t going anywhere (because it encrypts and decrypts quickly). However, conventional cryptography is not as well suited for situations where you need to send encrypted data to someone else, especially if you want to send encrypted data to someone you have never met.
Public-key cryptography uses two keys (called a keypair) for encrypting and decrypting. One of these two keys is your private key; and, like the name suggests, you need to keep it private. Very, very private. The other key is your public key, and, like its name suggests, you can share it with the general public. In fact, you’re supposed to share.
Public-key cryptography works this way: let’s say you and your cousin in another city want to exchange private messages. Both of you have PGP Desktop. First, you both need to create your keypair: one private key and one public key. Your private key you keep secret, your public key you send to a public keyserver like the PGP Global Directory (keyserver.pgp.com), which is a public facility for distributing public keys. (Some companies have their own private keyservers.)
Once the public keys are on the keyserver, you can go back to the keyserver and get your cousin’s public key, and she can go to the keyserver and get yours (there are other ways to exchange public keys; for more information, see Working with PGP Keys (on page 41)). This is important because to send an encrypted email message that only your cousin can decrypt, you encrypt it using your cousin’s public key. What makes this work is that only your cousin’s private key can decrypt a message that was encrypted using her public key. Even you, who have her public key, cannot decrypt the message once it has been encrypted using her public key. Only the private key can decrypt data that was encrypted with the corresponding public key.
Your public and private keys are mathematically related, but there’s no feasible way to figure out someone’s private key if you just have a public key.
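The cousin exchange described above, together with the Signing and Verifying definitions under Terms Used in PGP Desktop, as an added example that is not PGP Desktop's own code: it uses RSA-OAEP and RSA-PSS from Go's standard library as a stand-in for PGP's key and message formats (an assumption made for illustration), and the names Keypair and Exchange and the sample message are constructed here. It shows that only the recipient's private key decrypts, that the sender's own private key cannot, and that a signature checks only against the signer's public key and the unmodified message.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Keypair is the guide's "keypair": a private key you keep secret and a
// public key you hand out (for instance through a keyserver).
type Keypair struct {
	Private *rsa.PrivateKey
	Public  *rsa.PublicKey
}

// NewKeypair generates a fresh 2048-bit RSA keypair.
func NewKeypair() (*Keypair, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Keypair{Private: priv, Public: &priv.PublicKey}, nil
}

// EncryptTo encrypts msg to the recipient's public key (RSA-OAEP). Only the
// matching private key can recover msg; the public key alone cannot.
func EncryptTo(recipient *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, msg, nil)
}

// Decrypt recovers a message encrypted to this private key's public half.
// The wrong private key yields an error rather than a garbled plaintext.
func Decrypt(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, nil)
}

// Sign signs a SHA-256 digest of msg with the signer's private key (RSA-PSS).
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// Verify reports whether sig was made over msg by the private key matching
// signer. A changed message or a different signer's key fails the check.
func Verify(signer *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(signer, crypto.SHA256, digest[:], sig, nil) == nil
}

// Exchange walks through the guide's scenario: you encrypt msg to your
// cousin's public key and sign it with your private key; she decrypts with
// her private key and verifies with your public key. It returns what she
// recovers, whether the signature verified, and whether your own private
// key (the sender's) could read the ciphertext (it should not).
func Exchange(you, cousin *Keypair, msg []byte) ([]byte, bool, bool, error) {
	ct, err := EncryptTo(cousin.Public, msg)
	if err != nil {
		return nil, false, false, err
	}
	sig, err := Sign(you.Private, msg)
	if err != nil {
		return nil, false, false, err
	}
	_, senderErr := Decrypt(you.Private, ct) // wrong private key: fails
	senderCanRead := senderErr == nil
	pt, err := Decrypt(cousin.Private, ct)
	if err != nil {
		return nil, false, senderCanRead, err
	}
	return pt, Verify(you.Public, pt, sig), senderCanRead, nil
}

func main() {
	you, _ := NewKeypair()
	cousin, _ := NewKeypair()
	pt, sigOK, senderCanRead, err := Exchange(you, cousin, []byte("constructed sample message"))
	fmt.Printf("plaintext=%q signatureOK=%v senderCanRead=%v err=%v\n", pt, sigOK, senderCanRead, err)
}
```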

Learning More About Cryptography

For more information about cryptography, see An Introduction to Cryptography, which was installed on your system when PGP Desktop was installed. It is available through the Start menu.

Using PGP Desktop for the First Time

PGP Corporation recommends the following procedure for getting started with PGP Desktop:
1 Install PGP Desktop on your computer.
If you are a corporate user, your PGP administrator may have specific installation instructions for you to follow or may have configured your PGP installer with certain settings. Either way, this is the first step.
2 Let the Setup Assistant be your guide.
To help you get started, after you install PGP Desktop and reboot your computer, the Setup Assistant is displayed. It assists with:
Licensing PGP Desktop
Creating a keypair—with or without subkeys (if you do not already have a keypair).
Publishing your public key on the PGP Global Directory.
Enabling PGP Messaging
Giving you a quick overview of other features.
If your PGP Desktop installer application was configured by a PGP administrator, the Setup Assistant may perform other tasks.
3 Exchange public keys with others.
After you have created a keypair, you can begin sending and receiving secure messages with other PGP Desktop users (once you have exchanged public keys with them). You can also use the PGP Desktop disk-protection features.
Exchanging public keys with others is an important first step. To send them secure messages, you need a copy of their public key, and to reply with a secure message, they need a copy of your public key. If you did not upload your public key to the PGP Global Directory using the Setup Assistant, do so now. If you do not have the public key for someone to whom you want to send messages, the PGP Global Directory is the first place to look. PGP Desktop does this for you—when you send email, it finds and verifies the keys of other PGP Desktop users automatically. It then encrypts your message to the recipient public key, and sends the message.
4 Validate the public keys you get from untrusted keyservers.