1995-07-12 - Privtool 0.84a

Header Data

From: “Rev. Mark Grant” <mark@unicorn.com>
To: linux-announce@stc06.ctd.ornl.gov
Message Hash: 43f4dda3633519746b08240274b371bcdbefd880e7b9f3129c0f8dbdcf3899f4
Message ID: <Pine.3.89.9507121633.A23453-0100000@unicorn.com>
Reply To: N/A
UTC Datetime: 1995-07-12 15:41:28 UTC
Raw Date: Wed, 12 Jul 95 08:41:28 PDT

Raw message

From: "Rev. Mark Grant" <mark@unicorn.com>
Date: Wed, 12 Jul 95 08:41:28 PDT
To: linux-announce@stc06.ctd.ornl.gov
Subject: Privtool 0.84a
Message-ID: <Pine.3.89.9507121633.A23453-0100000@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Ok, version 0.84 didn't work properly on Linux, so I'm now releasing
a version 0.84a with fixes to make it compile. US users can get the
sources from from ftp.c2.org:/pub/privtool/privtool-0.84a.tar.gz, or
in Europe at ftp.ox.ac.uk:/pub/crypto/pgp/utils/privtool-0.84a.tar.gz.
It will also be available soon on ftp.dsi.unimi.it.

US ITAR laws may make it a crime to export Privtool, so if (like
me) you're not in the US then get it from the European sites.

In addition the documentation is available on the WWW at 
http://www.c2.org/~mark/privtool/privtool.html.

		Mark

	Privtool Beta Release	@(#)README.1ST	1.16 7/12/95
	-----------------------------------------------------

Privtool ("Privacy Tool") is intended to be a PGP-aware replacement 
for the standard Sun Workstation mailtool program, with a similar user 
interface and automagick support for PGP-signing and PGP-encryption. Just 
to make things clear, I have written this program from scratch, it is
*not* a modified mailtool (and I'd hope that the Sun program code
is much cleaner than mine 8-) !). 

When the program starts up, it displays a list of messages in your 
mailbox, along with flags to indicate whether messages are signed 
or encrypted, and if they have had their signatures verified or 
have been decrypted.

When you double click on a message, it will be decrypted (requesting
your passphrase if neccesary), and/or will have the signature checked,
and the decrypted message will be displayed in the top part of the
display window, with signature information in the bottom part. The
mail header is not displayed, but can be read by pressing the 'Header'
button to display the header window. In addition, the program has
support for encrypted mailing list feeds, and if the decrypted
message includes another standard-format message it will replace
the original message and be fed back into the display processing
chain.

When composing a message or replying to one, the compose window has
several check-boxes, including one for signature, and one for
encryption. If these are selected, then the message will be automatically
encrypted and/or signed (requesting your passphrase when neccesary) before
it is sent. You may also select a 'Remail' box, which will use the
Mixmaster anonymous remailer client program to send the message through
one or more remailers.

Being an Beta release, there are a number of bugs and nonfeatures :

Known Bugs :

	Message list scrollbar often set to stupid position when loading
	a mail file.

	When you save changes to the mail file, it throws away the
	signature verification and decrypted messages, so that the
	next time you view a message it has to be verified or decrypted
	again.

	'New mail' indicator in icon does not go away if you open the
	window and close it again without reading any messages.

Known Nonfeatures :

	Currently if you send encrypted mail to multiple recipients, all must
	have valid encrpytion keys otherwise you will have to send the
	message decrypted. Also, the message will be sent encrypted to all
	users, not just the one who is receiving each copy.

	'Add Key' button is enabled and disabled as appropriate, but does
	not do anything ! A number of other buttons and menu items do
	not work either.

	Passphrase is stored in ASCII rather than MD5 form, making it
	easier for hackers to find if you're on a multi-user machine (of 
	course, you shouldn't be, but many of us are).

	Kill-by-subject does not work.

	Ignores Reply-To: lines, and could probably do with an improved
	mail-reading algorithm.

	Only one display window, and only one compose window.

	Code should be more modular to assist with ports to Xt, Motif, Mac,
	Windows, etc. 

	Not very well documented !

	Encrypted messages are saved to mail files in encrypted form. There
	is currently no option to save messages in decrypted form.

	No support for anonymous return addresses.

	Not very well tested on Solaris 2.x, or Linux.

Major changes for 0.84:

	Added 'Forward' option to 'Compose' button.

	Support for Mixmaster and multiple pseudonyms. Due to a bug in
	the current version of Mixmaster, note that messages have to
	be saved to a temporary file for mailing. 

	Fixed file descriptor leak in pgplib.c which could make the program
	hang occasionally when saving changes.

	Added support for 'smallring.pgp' to speed up access to commonly
	used public keys.

	This version is thought to work on Linux, however I haven't
	been able to test that myself. Changes supplied by
	David Summers (david@actsn.fay.ar.us).

Changes for 0.84a:

	Linux testing showed up some problems with 0.84. This has been
	solved by using Rich Salz's parsedate() function to parse the
	dates on mail messages. This is now supplied in a linux
	subdirectory, and appropriate changes made to the Makfile to
	allow it to compile correctly on Linux. Changes supplied by
	David Summers (david@actsn.fay.ar.us).

	Fixed another hang by deleting the lock file if we failed to
	open the mail file while saving a message.

Privtool can be compiled to either use PGPTools, or to fork off a copy of
PGP whenever it is needed. There are also a number of different security
level options for the passphrase, varying from 'read it from PGPPASS and
keep it in memory' to 'request it every time and delete it as soon as
possible', via 'request it when neccesary and delete it if it's not used
for a while'.

See the README file for information on compiling the code, and the
user.doc file for user documentation (the little that currently 
exists). You should also ensure that you read the security concerns
section in user.doc before using the program.

		Mark Grant (mark@unicorn.com)



-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQEVAgUBMAPq5lVvaTo9kEQVAQG48gf9EXXCBm42agXpfJP1ePuI5zbDujtaWhGb
khAPRrlPJJ5QeZp3wz0DMDjhvSJjz2dlyxYj5u61kgbfybhxr2lAzwYL4k89A/B+
aHSggEMpKYwosd9FZEZ30pG1ufYeEI0eJw0hHuZzIIbGzTy3x+IfVY9h41F+ewkV
fbAtw5jwZKI43cil0cds3DFLHYOhiuWUU72KUCHABgvQfLPBYCJ4F3nW64GduxtA
idjHrcfe3ZJNLJEQ1VsHbqbAgND2jzB/8C84kw9Nb9wgd+zTdgnnJPWidpqHZqe2
ymBX1JD675WrKORnZlTI28haIcajPnLp5nXy2Ycs+/5RMuW/AVlYhg==
=4M+l
-----END PGP SIGNATURE-----





Thread