![[Get PGP now!]](images/pgp-now.gif){kind=small}
KeyId: 0xF7ECA6C9
![[EFC
- This site supports strong crypto]](images/efccrypt.gif)
[ mctaylor ] [ my pgp keys ]
|
mctaylor KeyId: 0xF7ECA6C9 |
|
PGP is the name of two things, an email and file encryption software package, and the related encryption standard. The software package is available currently from Network Associates (previous versions were available from PGP Inc., and Viacrypt) and MIT. There are two PGP standards, from the Internet Engineering Task Force (IETF): RFC 1991 - PGP Message Exchange Formats (ftp) and RFC 2440 - OpenPGP Message Format (ftp).
The PGP package provides security to files and e-mail via encryption and digital signatures using the RSA or Diffie-Hellman public key algorithm and the IDEA, CAST-128, Triple-DES, or Blowfish secret key algorithms. For more information about Cryptography, PGP, and Your Privacy go to http://world.std.com/~franl/crypto/ which is part of the WWW Virtual Library.
Unfortunately to make getting started more complicated, several versions of PGP are still in use. This is due to US export regulations and the former (2000) RSA algorithm patent, and still-valid (in US and most of Europe) IDEA patents.
You may wish to read the Where to get the Pretty Good Privacy program (PGP) FAQ to determine which program to use.
For commercial usage, PGP is available from Network Associates (formerly PGP Inc.) for usage in United States and Canada. For commercial usage outside United States, see PGP international from Network Associates International BV. PGP is available from MIT for non-commercial usage in Canada and USA. PGP is also available for non-commercial international usage (outside USA, but including Canada). There is also GNU Privacy Guard (aka GnuPG or GPG) available.
To help you get exchange PGP public keys you can use <http://www.pgp.net/pgpnet/> which provides an email and a web interface to their distributed public-key server. PGP/MIT also runs another pgpkeys.mit.edu:11371 well-known server. In an interesting twist, the Computer Security Group at Cambridge University have published The Global Internet Trust Register, as a printed book.
PGP is legal to use in Canada. A Canadian in Canada can use any version of PGP she/he wants, as long as she/he follows the non-commercial/ commercial usage restrictions. If you wish to bring your (laptop) computer with PGP into US then I suggest you want to use the MIT or Network Associate versions. Otherwise you may prefer the International version.
Because cryptography use to be an obscure topic, dominated by governments and militaries interested in national security, some people get a bit mystical about cryptography. To complicate matters Philip Zimmermann, the original author of PGP, was under federal investigation for several years in regards to export violations of early versions of his PGP software. The US government dropped the case after a three year investigation due to lack of evidence. His original target audience of users were human rights activists, whom operated under severe threat in some countries. Now PGP/OpenPGP is the de facto Internet email encryption standard.
For further information about PGP, and how to use it, check the alt.security.pgp FAQs from faqs.org, and comp.security.pgp FAQ from www.pgp.net/pgpnet .
[ mctaylor ] [ my pgp keys ]