Next
Previous
Contents
To use anyone of the versions of PGP with Mutt-i, first it will
be necesary to configure PGP properly in the way that the public keys
file (public keys ring) and the private keys file (private keys ring) will
exist. It is convenient to previously test PGP from the command line to
assure that it signs and encrypt correctly.
Remember that the PGP versions that exist for Unix are 2.6.3(i) and 5.0(i) , that we call PGP2 and PGP5 respectively forward. GnuPG is a new encrypt system, being developed in these days, in an advanced state of development, open source and free, in many aspects better than PGP (see GnuPG mini howto
http://www.dewinter.com/gnupg_howto).
We will also clarify that PGP, as being a program developed in the
US, is restricted by certain exporting laws about programs that include
cryptographic code; this is the reason for the existance of an
international version to almost all binary versions, and it is noted with
the "i" letter (pgp - pgpi).
PGP2 generates keys with the RSA
http://www.rsa.com,algorithm and it uses IDEA
http://www.ascom.ch as the encryption
algorithm. Both are propietary algorithms and its use is restricted by its
respectives patents.
To run it correctly, you must have it installed, as well as having a directory called ~/.pgp , containing the configuration file pgp-i.conf and the private and public keys rings files, pubring.pgp and secring.pgp respectively.
The keys generated by PGP5 are DSS/DH (Digital Signature
Standard / Diffie-Helman). PGP5 uses CAST, Triple-DES, and
IDEA as encrypt algorithms. PGP5 can work with encrypted or signed
data with RSA (PGP2), and use that keys to sign or encrypt (with the
keys generated with PGP2, because PGP5 can not generate that type of
keys). In the other hand, PGP2 can not use the DSS/DH keys from
PGP5; this creates incompatibility problems, because many users continue
using PGP2 with Unix/Linux.
To run PGP5 correctly, in the ~/.pgp directory you will
have the public and private key rings (pubring.pkr and
secring.skr respectively), and the configuration file pgp.cfg .
In the case that you have installed the both versions of PGP (PGP2
installed and configured before PGP5), we will create the configuration
file ~/.pgp/pgp.cfg of PGP5 as a simbolic link to the
~/.pgp/pgp-i.conf configuration file,
~/.pgp$ ln -s pgp-i.conf pgp.cfg
adding the following lines at the end of the file
~/.pgp/pgp-i.conf :
PubRing = "~/.pgp/pubring.pkr"
SecRing = "~/.pgp/secring.skr"
RandSeed = "~/.pgp/randseed.bin"
The files with the keys rings of the different versions can cohexist
without any problem in the same directory.
GnuPG is a program with the same functions that the previous. The
difference with PGP, GnuPG do not uses algorithms with
restrictive patents. PGP is free for personal uses but not comercial
jobs and its development is closed. GnuPG is free to be used in any
job and it is open source, as our favorite operating system (also its
implementation and development is made mainly in Linux).
The keys generated by GnuPG are of the type DSA/ElGamal
(Digital Signature Algorithm, also known as DSS). Is totaly
compatible with PGP, except with the use of restricted patents
algorithms RSA and IDEA. Anyway, it is posible to implement
certain compatibility with that (see GnuPG mini howto
http://www.dewinter.com/gnupg_howto to get it interacting with
PGP2 and PGP5).
Next
Previous
Contents
|