From: "Siberia" <klong@phoenix.net>
Date: Thu, 7 Dec 95 05:26:14 PST
To: cypherpunks@toad.com
Subject: (Fwd) General release of Open Encryptor interface for PGP
Message-ID: <199512071327.HAA06167@phoenix.net>
MIME-Version: 1.0
Content-Type: text/plain


------- Forwarded Message Follows -------
Priority:      normal
Date:          Fri, 8 Dec 1995 00:08:30 +1200
Reply-to:      Pegasus Mail Announcments <PM-NEWS@UA1VM.UA.EDU>
From:          John Navas <JNavas@aimnet.com>
Organization:  The Navas Group, Dublin, CA, USA
Subject:       General release of Open Encryptor interface for PGP
To:            Multiple recipients of list PM-NEWS <PM-NEWS@UA1VM.UA.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

Release 1.0 of my Open Encryptor interface for PGP has been posted on
my anonymous FTP server <ftp://ftp.aimnet.com/users/jnavas/winpmail/>

PGP information is available at http://www.mantis.co.uk/pgp/pgp.html
The MIT distribution of PGP is at ftp://net-dist.mit.edu:/pub/PGP/
ViaCrypt (commercial version of PGP) is at http://www.viacrypt.com/
The International PGP Home Page is at http://www.ifi.uio.no/~staalesc/PGP/

Release notes for PGP Open Encryptor Interface version 1.0:

1.  Only public key cryptography is supported in this release, NOT
    conventional cryptography.
2.  Basic Key Management functions are implemented:
    a.  To add a public key block contained in a message to your Key
        Ring, either Open or select the message before invoking Key
        Management.  (If a public key block is placed in a digitally
        signed and/or encrypted message, it will not be recognized
        automatically by this interface.)  You can also invoke Key
        Management and paste a public key block into the dialog from
        the Windows Clipboard (which does of course work with a
        signed and/or encrypted message).
    b.  You can check to see if a given email address is on your Key
        Ring -- just paste the email address (without the name) into
        the dialog box control.
    No other Key Management functions are implemented at this time.
3.  Both digital signing and signature verification are implemented:
    a.  If a secret pass phrase is needed (and not provided in
        the PGPPASS environment variable), it MUST be provided each
        time in the WinPMail Password field.
    b.  Please note that signature verification is a strictly *manual*
        process -- you must expliticly use the WinPMail menu.  This is
        a characteristic of WinPMail, NOT this interface.
4.  When encrypting:
    a.  The recipient email address (e.g., jnavas@navasgrp.com) will
        normally select the appropriate public key automatically, but
        it may be overridden with an entry in the WinPMail Password
        field.
    b.  Your recipient may need to add also-known-as entries to
        his/her public key to ensure that you match on various forms
        of email addresses (e.g., also known as
        jnavas@mailhost.aimnet.com).
    c.  The WinPMail Password will NOT be used for encryption of a
        digitally signed message, since the Password is then reserved
        for the secret pass phrase (whether one is needed or not).
5.  If encryption or signing fails (e.g., because the recipient is not
    on your key ring, or because your secret pass phrase was
    incorrect), an empty message will be sent.  This is a
    characteristic of WinPMail, NOT this interface.
6.  Copies to self of encrypted and/or signed messages are NOT
    encrypted and/or signed.  This is a characteristic of WinPMail, NOT
    this interface.  (If you want an encrypted and/or signed copy, BCC
    yourself.)
7.  It is normally NOT possible for you to decrypt message that you
    have encrypted for someone else (since you do not have that
    person's secret key).  However, you can establish a master
    decryption key by setting the PGPJNKEY environment variable to a
    string needed to select the appropriate public key (yours or not).
    TEST FOR PROPER OPERATION (BY DECRYPTING A MESSAGE ENCRYPTED FOR
    SOMEONE ELSE) BEFORE YOU DEPEND ON IT!  It may be a good idea to
    add an also-known-as alias just for this purpose.
8.  The Cancel button does not work on the Decryption dialog box.
    This is a characteristic of WinPMail, NOT this interface.
9.  When you do a Find on a folder, WinPMail puts up the Decryption key
    dialog for every encrypted message, even when you are only
    searching headers, which can make the process painful.  This is a
    characteristic of WinPMail, NOT this interface.
10. Attachments to encrypted messages are NOT supported.  (Outgoing
    attachments to encrypted messages are NOT encrypted, and incoming
    binary attachments are corrupted.)  This is a characteristic of
    WinPMail, NOT this interface.
11. Windows 3.10, Windows for Workgroups 3.11, and Windows 95 are
    supported.  Windows NT and OS/2 have NOT been tested and are NOT
    currently supported.  USE THEM AT YOUR OWN RISK.
12. MIT PGP 2.6.2 is supported in this release.  Other versions of PGP
    have NOT been tested and are NOT currently supported.  ViaCrypt PGP
    has NOT been tested for this release, but is expected to be
    supported in a subsequent release.  USE THEM AT YOUR OWN RISK.
13. Reassembly and decryption of multiple-part PGP messages is NOT
    supported.
14. PGP messages sent by other WinPMail Open Encryptor PGP interfaces
    may not trigger this interface.  (Other PGP sources should not be a
    problem.)  This is a characteristic of WinPMail, NOT this
    interface.

To install the PGP Open Encryptor Interface:

1.  UnZIP in a subdirectory of FORMS called PGPJN
    (e.g., \PMAIL\FORMS\PGPJN).
2.  Copy the PGPJNP.FFF file up to your WinPMail directory (e.g.,
    \PMAIL).
3.  Make sure that PGP is installed correctly, and that the PGPPATH
    environment variable is set correctly.  (If PGPPATH is set, PGP
    does not need to be in your PATH.)
4.  Encrypt and send a message to yourself to test operation.

John Navas <JNavas@NavasGrp.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBMMbC7O5ya4p8vxAtAQHO7wH/atOJoEbrUX2G/Zzr3jZCvblQZXBWzlv6
KTNraPxaui8jtw83U+pZYWV/jNVJ48Fw4Fy6XeQrtdzXJsi0tKJZtg==
=jZvU
-----END PGP SIGNATURE-----