-----BEGIN PGP SIGNED MESSAGE----- -------------------------------------------------------- PGP 6.0.2ckt - Build 07 - Read me file - 01/04/2000 -------------------------------------------------------- This is build 07 in the 6.0.2ckt series. It's for those purists who would rather be using PGP 6.0.2. So, if you want the latest and greatest, I suggest that you use one of the PGP 6.5.2a builds. What is new? 1) Re-compiled everything using MSVC 6.0. A lot of errors which MSVC 5.0 did not catch were unraveled, and corrected. 2) PGPDisk was re-compiled with the latest version of DriverStudio. 3) Re-compiled everything using the latest MS SDK, DDK's, and the 1.7.1 SDK. 4) The outlook express plugin should work with Outlook Express v5.x.x 5) The Outlook plugin should work with Outlook 2000. 6) Everything should work under windows 2000 (Build 2128). 7) Fixed a bug in the CBT hook proc which caused the "use current window" feature not to work under windows 2000. 8) This build uses the PGP 6.5.1 installer, which is more robust. I have renamed the dll's so that they will be compatible with this installer. 9) Fixed a bug in the above installer which prevented the Installer from automatically finding where Outlook Express is installed. 10) Added a column to PGPKeys which shows the 64 bits Key ID. To access this feature select View|Key ID 64 bits in the PGPKeys menu. Then order and re-size the column according to your taste. For easy reference the plain vanilla 32 bit Key ID is kept as a distinct column. ------------------------------- IMPORTANT - BEFORE YOU INSTALL: ------------------------------- Before you install do the followings (yes I know it's time consuming, but please do it none the less, this will save a lot of your precious time should you have any problems):- 1) Exit all programs. 2) Un-install PGP. 3) Re-boot. 4) Delete these files, if any:- for windows 95/98 systems:- a) c:\windows\pgp*.* b) c:\windows\system\pgp*.* or for windows NT / 2000 systems:- a) c:\winnt\pgp*.* b) c:\winnt\system32\pgp*.* 5) Install this build. 6) re-boot. 7) Enjoy. 8) Let me know if you find any problems. Enjoy! Best Regards Imad R. Faiad -----BEGIN PGP SIGNATURE----- Version: 6.0.2ckt http://irfaiad.virtualave.net/ Comment: KeyID: 0x833F1BAD Comment: Fingerprint: 75CD 96A7 8ABB F87E 9390 5FD7 2A88 4F45 iQEVAwUBOHF/xbzDFxiDPxutAQG0gwf/YSlQe5nkN5YR3gDOv0SmlscgrchNVuqZ Xfo3vVNlNiITbARWdNX0YFCOTplRKVoWFbE4pzI0oKA7PqaHatXpZlhAarPZBbzv TEczzZy32xcFcUejNjO6ps6NDT+lrf/W/bBHSHt7KIejRXVfQLg39ojDO+aej1ff fvAGbXBctHh6QMzFizWDf/AB59yqX2Yx/RmZb5/E5eLaEmv1t0Ln0snZQJP4cvOU h0iOeM1h02HC+H2BBopPjWHL4t/bdMDmMvMQZWwLxXPgXZEqHc102O0joNyG6wEZ 1sG1onihmJhfVkkLvdByfow5ajzdiUb6WGqraQ/4ncxYhrtaA5vM3w== =OEo/ -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- ------------------------------------------------ PGP 6.0.2ckt - Build05 - Read me file - 03/19/99 ------------------------------------------------ ************************************************************* * Contents of this Documents ************************************************************* 1) Summary of the Features in Build 05. 2) Features in this build 3) Compatibility Guidelines. 4) Change History. 5) A Statement from the Compiler. 6) Disclaimer. 7) A Message From Philip Zimmermann.. ************************************************************* * Summary of the Features in Build 05 ************************************************************* 1) Support (Handling & Keygen) for RSA keys up to 16384** bits. 2) Support (Handling & Keygen) for DH keys up to 8192** bits. 3) Support (Handling) for DSA keys up to 2048 bits. 4) Support (Handling) for the SHA-Double hash algorithm. 5) User selectable hash algorithm when singing with RSA keys. 6) Expanded list of key servers. 7) Easy one click key size selection in key size wizard dialog. 8) Enhanced signing key dialogs, with DS key size & key id info. 9) Key ID column in recipient dialog. 10) Enhanced PGPLog with key ID column. 11) Enhanced decrypt dialog with more key information. 12) User selectable number of key rings backups. 14) Floppy disk prompt when keyring is on diskette. 15) Auto signing key id in comment block. 16) Auto signing key fingerprint in comment block. 17) User defined / selectable version string. 18) Enhanced Explorer context menu. 19) Expanded pre-defined key sizes in key search dialog. 20) Expanded quick links in about dialog. 21) PGPDisk is included. 22) Launch PGPDisk in PGPTray works! 23) Integrated ckt PGP online help. 24) Sam Simpson's "PGP DH vs. RSA FAQ" is bundled with this build. ------------------------------------------------------------------- **Users are urged to read the "Compatibility Guidelines", and a "A Message From Philip Zimmermann" sections, of this read me file. ------------------------------------------------------------------- ************************************************************* * Features In This Build ************************************************************* This is the C-KT build of PGP 6.0.2, it is based on the PGP 6.0.2i source code released by PGPi.com. It has been modified to allow the use and generation of RSA keys up to 16384 bits in length. For compatibility's sake, RSA keys > 2048 bits should be avoided. It has also been modified to allow the use and generation of DH keys up to 8192 bits in length. For compatibility's sake, DH keys > 4096 bits should be avoided. This build supports DSA keys up to 2048 Bits in length. However, the program will not generate such DSA keys. For compatibility's sake, DSA keys > 1024 bits should be avoided. If you have such keys it is a good idea to revoke them, as support for such keys may not be possible to add in future implementations of PGP. I have added support for the SHA-Double hash algorithm. The Program will successfully decode / verify a PGP message where the SHA-Double hash algorithm is used. However, this algorithm may not be selected by the user, it is invoked by the program when signing with a DSA key > 1024 bits. Please be aware that the use of the SHA-Double hash algorithm is deprecated and should be avoided for three reasons:- * It offers no added security over the other provided hash algorithms. * It causes inter-operability problems with other implementations of PGP. (PGP 5.x.x is the only implementation of PGP that I am aware of that supports the SHA1x hash algorithm). * It may not be possible to implement in future versions of PGP. Please Note that PGPDisk in Build 05 of PGP 6.0.2ckt Does Not Support Large Keys. In this build the user may select his preferred hash algorithm. The selected hash algorithm will thereafter be used whenever signing with an RSA key. The user may set this feature via the "Preferred Hash Algorithm" combo box in the "Advanced" tab of the PGP preferences dialog. Please note that the default hash algorithm when signing with an RSA key is MD5. However, in addition to the default, this build gives you a choice of the SHA1 and the RIPEMD-160 hash algorithms. A note to QDPGP users:- The program will honor QDPGP hash algorithm settings when the selected hash algorithm (in QDPGP) is other than the default MD5. If you wish to sign a message from within QDPGP using the default MD5 hash algorithm, please make sure that your PGP Preferred Hash Algorithm is also set to MD5. Please refer to the "Compatibility Guidelines" section of this document, if you ever intend to use the preferred hash algorithm feature. I have added some key servers, namely, PGP.ai.mit.edu, PGP5.ai.mit.edu (Bal's Key servers), some of the PGP.net which were omitted in PGP 6.0.2i, and many other less known key servers. Please note that not all of the added key servers may work. Some of them may be down at times. If you have some additional key servers you wish us to hard code into our build, please let me know, so that they may be added to our next build. The key size wizard dialog has been recoded. It now displays PRZ's message in the top part. The bottom part has a combo box containing all the supported key sizes in .5k bits increment, and an edit box for custom key sizes. The range of the supported key sizes is correctly displayed in the custom key size radio button's caption. Also, the key sizes which may cause incompatibilities with other PGP versions are clearly marked with an "*" in the key size selection combo box. I have enhanced the signing key dialogs, it is now wider and the combo box shows the user ID, full key size information including the DS key size, and the key ID. Many Thanks to Mr. Michael Ray for proposing this change in PGP 5.5.3ckt. I have added the Key ID column to the recipient dialog. The key ID column is sortable. To sort on the Key ID simply click on the column heading. This should make the selection of recipient keys much easier. I have also added a Key ID column to PGPlog. It is based on the PGP 5.5.3 PGPLog patch, I must therefore give credit to Lincoln Yeoh and the anonymous poster of a message in alt.security.PGP, for this handy enhancement to PGPlog. This build also implement the enhancements to the decrypt dialog as originally suggested by the anonymous poster. This makes the decrypt dialog box more user friendly and informative. * It shows the full user ID in the first column, the key size in the second, and the key ID in the third. * It displays the key ID of any unknown private keys. The user ID will be reported as "Unknown Private Key" and the size will be reported as "???" * It places a key pair icon to the left of the user ID. This will show whether the key is RSA or DH and whether it's active, expired, revoked, or not on your secring file. Unknown keys will display a question mark icon. Please note that double clicking on an unknown key in the above dialog will cause the program to attempt to get that key from the default key server. Please also note that for both of the above enhancement the Key ID will be reported correctly in these two instances:- * if the key is an RSA key or * if the key is DH/DSA and is in your key ring. That is, if the key is a DH/DSA key, and it is not in your keyring the Key ID of the DSA key will be reported instead of the DH key ID. In this build the user may select the number of backup key rings to be maintained by the program. This may be set by the user from the "Number of Key Rings Backups" combo box in the "Files" tab of the PGP preferences dialog. You may chose to maintain from One to Four key rings backup sets, however, I urge all users to set it to the default Four, so that in case of key rings corruption one may always roll back to a previous key rings backup set. So, you assess the risk, and cautiously set this feature accordingly. In this build, if the secret key ring is stored on a diskette, the user is prompted once per program session to insert the floppy disk containing her/his keyrings, so as to prevent an endless spin of the diskette drive when the user forgets to load it with the key ring diskette. This feature was originally implemented in PGP 5.5.3ckt at the insistence of Patricia Hoskins, thank you Pat. This build can selectively append on the fly the signing key ID, and / or it's fingerprint to the comment block. This feature may be toggled via the "Append signing Key ID to comment block" and the "Append signing Key Fingerprint to comment block" check boxes in the "General" tab of the PGP preferences dialog. Thus, one may append on the fly, the signing key ID, the signing key fingerprint, both or none to the comment block. This feature now works throughout the program, including the PGP plugins. This version of PGP is pre-set to identify itself as:- "Version: 6.0.2ckt http://members.tripod.com/IRFaiad/" But, if you don't like the above *punch line*:- In this build is the user defined / selectable version string. This feature may be accessed via the "Version String Preference" combo box in the "email" tab of the "PGP Preferences" dialog. I have pre-set the list to 60+ different version strings from various PGP builds, as well as non existent builds at the time of writing. If you do not like any of the pre-set version strings, you may define your own. To do so, enter your own version string in the combo box then click OK. Your custom version string will be stored as the first item in the drop down list. It will remain there until you explicitly change it. You may, in the meantime select any other version string from the list without losing your custom version string. Many thanks to Ghengus Khan, Marty and Nape for suggesting this feature. Please use this feature responsibly. In the old 2.6x PGP you could "double" encrypt a file. That is, first encrypt it with a public key and then encrypt it a second time with conventional encryption to hide the key id. With PGP 6.0.2 once a file has been encrypted with a public key and the file suffix has been changed to .PGP or .ASC you can no longer(from an Explorer context menu) request that it be encrypted again without first removing the .PGP or .ASC file suffix. To remedie this problem, the behavior of the explorer PGP context menu has been changed so that the full compliment of the PGP sub-menu items are shown regardless of the file type. Many thanks to Gogoo for proposing this feature. The list of predefined key sizes has been expanded in the key size combo box in the key search dialog. It now includes keysizes up to 16384 bits in .5k bits increment. The about dialog has a combo box with many useful links. The links include PGP.com, PGPi.com, the Cyber-Knights Templar home page, Marty's home page, the Replay.com ftp site incoming directory, the Replay.com ftp site PGP 5.5.3 C-KT directory, the Replay.com ftp site PGP 6.0.2 C-KT directory, and my home page. The build information is reported in the about dialog. Changed the column layout in PGPKeys so that the Key ID will display in the default view next to the key name. At the request of many users the following defaults have been changed:- * "Faster key generation" is un-checked. * "Cache decryption passphrases for" is un-checked. * Preferred symetric cipher for DH keys is Triple DES. PGPDisk is included in this build. Please note that the PGPDisk Windows NT driver that ships with this build has been culled from PGP 6.0.2i. On the other hand the PGPDisk Windows 95/98 Driver has been successfully compiled using VToolsD 2.04. Finally, it has been reported that PGPDisk may not be launched from PGPTray in PGP 6.0.2i when PGPDisk is installed. I am happy to inform you that this feature works in PGP 6.0.2ckt. I can assure you that we did not *fix* this bug, since the ckt code is based on the PGP 6.0.2i source code. However, I would speculate that this feature works as advertised in the ckt builds because we are using a more recent version of the Microsoft Platform SDK. Please note that Ckt.hlp file has been completed and integrated into the PGP help file. It may be accessed from: "PGP 6.0.2ckt - Build05" -> "About this build of C-KT PGP", in the main PGP 6.0.2 help file. Sam Simpson's "PGP DH vs. RSA FAQ" has been bundled with this build. It may be found in the file "pgpfaq.html", in the PGP install directory. All my PGP keys may be found in the signatures directory of the PGP install directory. If you have any of my keys in your keyring, please take the time to update them. ************************************************************* * Compatibility Guidelines ************************************************************* First of all, when you add keys to your PGPDisk volume please avoid the following types of keys:- * RSA keys > 2048 bits. * DH keys > 4096 bits. * DSA keys > 1024 bits. I would like to stress once again, please do not use large keys with PGPDisk. The following table summarizes the capabilities of the official builds of various versions of PGP. The 5.x.x and the 6.x.x's columns refer to the official builds with full RSA capabilities. The 6.x.xic column refers to the international, commercial version of PGP offered by http://www.pgpinternational.com/. The last column shows the capabilities of PGP 6.0.2ckt as of Build 05. Also note, that KG means handling and key generation capabilities, while H means handling. Cell contents marked with "*" mean that these key sizes or algorithm are non-standard and should be avoided. +--------+-------+-------+---------+----------+ Alogoritm/PGP ! 2.6.x ! 5.x.x ! 6.x.x ! 6.x.xic ! 6.0.2ckt ! +--------------+--------+-------+-------+---------+----------+ ! Max RSA - KG ! 2048 ! 2048 ! 2048 ! 2048 ! 16384* ! +--------------+--------+-------+-------+---------+----------+ ! Max RSA - H ! 2048 ! 8192* ! 2048 ! 4096* ! 16384* ! +--------------+--------+-------+-------+---------+----------+ ! Max DSA - KG ! no ! 1024 ! 1024 ! 1024 ! 1024 ! +--------------+--------+-------+-------+---------+----------+ ! Max DSA - H ! no ! 2048* ! 1024 ! 1024 ! 2048* ! +--------------+--------+-------+-------+---------+----------+ ! Max DH - KG ! no ! 4096 ! 4096 ! 4096 ! 8192* ! +--------------+--------+-------+-------+---------+----------+ ! Max DH - H ! no ! 4096 ! 4096 ! 4096 ! 8192* ! +--------------+--------+-------+-------+---------+----------+ ! MD5 ! yes ! yes ! yes ! yes ! yes ! +--------------+--------+-------+-------+---------+----------+ ! SHA1 ! no ! yes ! yes ! yes ! yes ! +--------------+--------+-------+-------+---------+----------+ ! RIPEMD160 ! no ! yes ! yes ! yes ! yes ! +--------------+--------+-------+-------+---------+----------+ ! SHA1x ! no ! yes* ! no ! no ! yes* ! +--------------+--------+-------+-------+---------+----------+ It is good practice to bear in mind the above capabilities, as well as, the compatibility recommendations enumerated below, whenever one intends to exchange PGP encoded messages with other PGP users. Compatibility Recommendations: ------------------------------ If you wish to be compatible with:- 1) All PGP 2.6.x users: -------------------- Use RSA keys up to 2048 bits, and always sign with the MD5 hash algorithm. Things to avoid:- * RSA keys > 2048 bits. * Hash algorithms other than MD5. * DH / DSA keys. 2) All PGP 5.x.x or PGP 6.x.x users: --------------------------------- Use DH keys up to 4096 bits, with DSA keys up to 1024 bits. Things to avoid:- * DH keys > 4096 bits. * DSA keys > 1024 bits. * RSA keys. 3) All RSA enabled PGP 5.x.x or PGP 6.x.x users: --------------------------------------------- Use DH keys up to 4096 bits, with DSA keys up to 1024 bits, or RSA keys up to 2048 bits, and always avoid signing with the SHA-Double hash algorithm. Things to avoid:- * DH keys > 4096 bits. * DSA keys > 1024 bits. * RSA keys > 2048 bits. * The SHA-Double hash algorithm. ************************************************************* * Change History ************************************************************* 03/19/99 PGP 6.0.2ckt - Build05 ---------------------- What's new in this build? 1) Added support for the append key information to comment block to the PGP plugins. 2) Enabled RSA keygen for keys up to 16k bits in length. 3) Enabled DH keygen for keys up to 8k bits in length. 4) Ported Anonymous's & Yeoh's Key ID column in PGPLog. 5) Ported the floppy prompt fix - That is, when the keyrings are stored on diskette the program will prompt the user to insert the floppy disk containing her/his keyrings, once per program session. The keyrings may be on the A: or B: drive. 6) Changed the default symetric cipher algorithm when generating DH keys to 3DES. 7) Changed the default "faster key generation" preference to false. 8) Ported the context menu modification. This feature changes the behavior of the explorer PGP context menu so that the full compliment of the PGP sub-menu items are shown regardless of the file type. 9) Re-done the read me file. 10) Ckt.hlp file has been completed and integrated into the PGP help file. It may be accessed from: "PGP 6.0.2ckt - Build05" -> "About this build of C-KT PGP", in the main PGP 6.0.2 help file. 11) Changed the default "Cache decryption passphrases for" check box preference to un-checked. 12) The list of predefined key sizes has been expanded in the key size combo box in the key search dialog. It now includes keysizes up to 16384 bits in .5k bits increment. 13) Fixed the signing key combo box so that the DS key size is also displayed. 14) Sam Simpson's "PGP DH vs. RSA FAQ" has been bundled with this build. It may be found in the file "pgpfaq.html", in the PGP install directory. 3/3/99 PGP 6.0.2ckt - Build04 What's new in this build? The Clean Stuff:- ----------------- 1) Recoded the key size wizard dialog procedure. It now displays PRZ's message in the top part. The bottom part has a combo box containing all the supported key sizes in .5k bits increment, and an edit box for custom key sizes. The range of the supported key sizes is correctly displayed in the custom key size radio button's caption. 2) Added the key ID column to the recipient dialog. It has full sort capabilities. 3) Fixed the properties of all the non-editable combo boxes which I had added from "Dropdown" to "Drop List". 4) Moved the ckt preferences registry keys from:- Software\\PGP\\PGP60\\PrefKeyringBackups Software\\PGP\\PGP60\\PrefHashAlgorithm To:- Software\\Network Associates\\PGP60\\PrefKeyringBackups Software\\Network Associates\\PGP60\\PrefHashAlgorithm Respectively. 5) The PGPDisk Windows 95 Driver has been compiled using VToolsD 2.04. It is included in this build. 6) Fixed a type-o in the Installshield installer script. The Dirty Stuff:- ---------------- 7) Added support for RSA keys up to 16k bits in length. However, the program will not generate RSA keys > 8k bits. 8) Added support for DH keys up to 8k bits in length. However, the program will not generate DH keys > 4k bits. 9) Added support for the SHA-Double hash algorithm. The Program will successfully decode / verify a PGP message where the SHA-Double hash algorithm is used. However, this algorithm may not be selected by the user, it is invoked by the program when signing with a DSA key > 1024 bits. As a bye product of the above modification, DSA keys > 1024 bits are now supported, however, such keys will not be generated by the program. I would like to state that by doing so, I am in no way endorsing the use of this algorithm or DSA keys > 1024 bits. Also, the use of this algorithm is un-warranted for two reasons:- * First, it offers no added security over SHA1 or RIPEMD160. * Second, it causes inter-operability problems with other implementations of PGP. PGP 5.x.x is the only implementation of PGP that I am aware of that supports the SHA1x hash algorithm. For compatibility's sake, it is a good idea to revoke all DSA keys > 1024 bits. Also, be aware that adding support for such DSA keys or the SHA-Double hash algorithm, may not be possible in future implementations of PGP. You have been warned! Since Build 03, the Vireo tools have been acquired. The PGPDisk win95 driver was built successfully. However, I have yet to figure out how to build the PGPDisk win-nt driver. I suspect that the problem could be to do with the wrong versions of the SDK, and DDK's installed on my machine. If you would like to help, and have any of the followings:- * Microsoft Platform SDK January 1998 * Microsoft Windows NT DDK January 1997 * Microsoft Windows 95 DDK January 1998 Please email me. Should any problems arise with this build, please do not hesitate to contact me. All my PGP keys may be found in the signatures directory in the PGP install directory. If you have any of my keys on your keyring please take the time to update them. Enjoy! Best Regards Imad R. Faiad 02/22/99 PGP 6.0.2ckt - Build03 ---------------------- What's new in this build? 1) Changed the column layout in PGPKeys so that the Key ID will display in the default view next to the key name. 2) Added the Preferred Number of Key Ring Backups feature. 3) Ported Anonymous's, List Control with Key ID and info in the PGP decrypt Dialog. 4) PGPDisk is now included in this build. All the binaries where compiled with the exception of the driver's binaries which were culled from PGPFreeware6.0.2i. Not sure whether this would work as I am no PGPDisk user. Please make sure you backup your PGPDisk volume files if you intend to use the PGPDisk which is included in this build. If there are any problems please let me know, your feed back will be most appreciated. 5) I have re-incorporated 40Comupd.exe in the installer, just in case someone needs it. Heck, it's only 430 odd k's, and besides, what's 430k between friends? Some good news and some bad news. The good news is that there is a remote possibility that I may lay my hand on Vireo's VToolsD. If I do, I will be able to clean compile PGPDisk's Win95 driver. And now the bad news, no possibilities in sight yet to get Vireo's Driver::Works, without which no PGPDisk Win NT drivers may be compiled. If you are in a position to help with regards to the needed software tools, please email me. Enjoy! Best Regards Imad R. Faiad PGP 6.0.2ckt - Build02 ---------------------- What's new in this build? 1) Recoded the logic of the hash algorithm feature so that external PGP option lists are more or less honored, for better compatibility with QDPGP. 2) Added the user specified version string feature. 3) Added the Key ID to signing key combo box. 4) Split the append key info to comment block into two. Namely, Append Key ID to comment block, and Append Finger Print to comment block. So, you may opt to append no key info, or just the signing key ID, or just the signing key fingerprint, or both the signing KeyID and it's fingerprint to comment block. 5) The build number now displays in the about dialog. 6) Added some more key servers. 7) Changed the default cipher to IDEA. 8) Omitted 40Comupd.exe from the installer to make it smaller. If you need this file, download it from the Micro$oft web site. To install this build, I recommend that you un-install ckt Build01 first. If you find any problems with this build, please email me. I still do not possess the necessary tools to build PGPDisk. I therefore, once again, appeal to those in a position to help to do so, so that we may proceed with compiling a full fledged ckt build that includes PGPDisk. The following tools are needed:- * Vireo Driver::Works 1.20 * Vireo VTOOLSD 2.05b Enjoy! Best Regards Imad R. Faiad PGP 6.0.ckt - Build01 --------------------- Here it is at last, the first beta build of PGP 6.0.2ckt. The following features have been implemented so far:- 1) Support for RSA keys up to 8192 bits in length. 2) Append the signing key ID & Fingerprint to the comment block. 3) User selectable Hash Algorithm when signing with RSA keys. If you don't know what the above features are, or how to use them, please refer to the read me file of PGP 5.5.3ckt for more information. This is a beta build, and as such, I assume that you know what you have to do to install it. If you encounter any bugs or problems please do not hesitate to email me (matic@cyberia.net.lb). If anyone has any of these tools and would like to help, please email me:- * Microsoft Platform SDK January 1998 * Microsoft Windows NT DDK January 1997 * Microsoft Windows 95 DDK January 1998 I have the above, but not the exact builds. I have none of these tools:- * Vireo Driver::Works 1.20 * Vireo VTOOLSD 2.05b This build does not contain PGPDisk, because one needs the above Vireo tools to be able to build it. To make the installer lighter, I have omitted the .pdf files. I will be working on porting the customary ckt features to PGP 6.0.2ckt. As they are implemented, they will be made available for download. Many thanks to those who have beta tested the previous build. Enjoy! Best Regards Imad R. Faiad ************************************************************* * A Statement from the Compiler ************************************************************* I have built this version for my own personal use. I can state that as far as I am aware, there are no back-doors in this build, that the program (PGP) can generate and use RSA keys up to 16384 bits in length, DH keys up to 8192 bits in length, will handle DSA keys up to 2048 bits in length, and that the integrity of the program has not been compromised by my modifications. Please note, that this is not a "Warezed" version of PGP. And I, the compiler of the source code, hereby declare that I do not own or claim ownership of the binaries so produced. It is being made available "Gratis" to facilitate the process of satisfying the PGP users community that the current commercial release of PGP is still secure and trustworthy. Therefore, it is my fervent hope, that all users of this package observe all applicable laws with regards to copyrights, patents, and other laws that may govern its use. Finally, many thanks to all the users and beta testers who have contributed to this release, your input has been very valuable to us. Best Regards, and Happy Encrypting, Imad R. Faiad PS If you are reading this from CKT.HLP the signature will not verify ************************************************************* * DISCLAIMER ************************************************************* THIS SOFTWARE AND THE ACCOMPANYING FILES ARE DISTRIBUTED "AS IS" AND WITHOUT WARRANTIES WHATSOEVER, EXPRESS OR IMPLIED. SO USE IT AT YOUR OWN RISK. *************************************** * A Message From Philip Zimmermann *************************************** -----BEGIN PGP SIGNATURE----- Version: 6.0.2ckt http://members.tripod.com/IRFaiad/ Comment: KeyID: 0x833F1BAD Comment: Fingerprint: 75CD 96A7 8ABB F87E 9390 5FD7 2A88 4F45 iQEVAwUBNvJuTbzDFxiDPxutAQFGmAf6Au2k5+AOYGzCs6atqTn33H72dEtuwkFV d/6nrANSSIPYQHDw1Z4XPhFg+aJwZJTucxpioZaePxWqEXG+wu/Vc+uwS+NCEOxp +m5NYXmYnU7HKQLTKqLXFYh7mJXczB4UZ9BnF1vR7Ksv1gukwB89SSbyNj1v/dSj V7zyRBTZXAm6uYKhWGOJ1eL2/BbChpKjoCCludDxn8Rhj0BTdJ/1yhoY3psQ/ixz qBx7AWpMY2DWzz+LImaiqKzRmBVORsGjH9+MiNsgS5rJ2XcJPSw+JdoK8BRZ5HXS 8wHC3rT6QT4WhPB4Qd4kXWFlZv//qSW2ci3t17qayTSjk2IYfagfDg== =PKsY -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There is no advantage for using the keys larger than about 3000 bits. The 128-bit session keys have the same work factor to break as a 3000 bit RSA or DH key. Therefore, the larger keys contribute nothing to security, and, in my opinion, spread superstition and ignorance about cryptography. They also slow everything down and burden the key servers and everyone's keyrings, as well as cause interoperability problems with present and future releases of PGP. Perhaps even more importantly, they also undermine other people's faith in their own keys that are of appropriate size. While it may have been well-intentioned, this massive expansion of key size is a disservice to the PGP community. Also, larger DSA keys don't contribute anything unless the hash grows bigger with it. That requires selecting a good well-designed bigger hash that has been specifically designed to have the full work factor for breaking it. Using two SHA1 hashes in that manner has not been adequately shown to achieve this result. Anyone with a sophisticated understanding of cryptography would not make the keys bigger this way. Experimental code that we put into PGP during its development should not be used. It was protected with conditional compilation flags and should never have been revealed to uninformed users who decide to perform a "public service" by enabling the code and releasing it. This is part of the reason why we ask people not to release code changes on their own, but to send them to us, so that we may incorporate some of them (if they seem like good ideas) into our next product release. That is how PGP enhancements from the user community have always been managed since PGP source code was released in 1991. -Philip Zimmermann -----BEGIN PGP SIGNATURE----- Version: PGP 6.0b16 iQA/AwUBNcIZ0GPLaR3669X8EQIblACePP3jorZ6Y+wjYDRomxMfKgLF2h4AoNmI tjDuzHfhdIqDd6s5BUNIlhBu =3BJC -----END PGP SIGNATURE-----