From: Mark Grant <mark@unicorn.com>
Date: Wed, 28 May 1997 03:06:55 +0800
To: cypherpunks@toad.com
Subject: Privtool 0.90 release
Message-ID: <Pine.SOL.3.96.970527113718.21471A-100000@sirius.infonex.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


	Privtool Beta Release
	---------------------

Privtool ("Privacy Tool") is intended to be a PGP-aware replacement 
for the standard Sun Workstation mailtool program, with a similar user 
interface and automagick support for PGP-signing and PGP-encryption. Just 
to make things clear, I have written this program from scratch, it is
*not* a modified mailtool (and I hope that the Sun program code is much 
cleaner than mine 8-) !). It can be compiled using either Motif or the
Xview toolkit.

When the program starts up, it displays a list of messages in your 
mailbox, along with flags to indicate whether messages are signed 
or encrypted, and if they have had their signatures verified or 
have been decrypted.

When you double click on a message, it will be decrypted (requesting
your passphrase if neccesary), and/or will have the signature checked,
and the decrypted message will be displayed in the top part of the
display window, with signature information in the bottom part. The
mail header is not displayed, but can be read by pressing the 'Header'
button to display the header window. In addition, the program has
support for encrypted mailing list feeds, and if the decrypted
message includes another standard-format message it will replace
the original message and be fed back into the display processing
chain. A recent feature is support for decoding nymserver messages
using premail.

When composing a message or replying to one, the compose window has
several check-boxes, including one for signature, and one for
encryption. If these are selected, then the message will be automatically
encrypted and/or signed (requesting your passphrase when neccesary) before
it is sent. You may also select a 'Remail' box, which will use the
Mixmaster anonymous remailer client program to send the message through
one or more remailers.

As a Beta release, it has a number of bugs and unimplemented features.

Known Bugs:

	Mail file menu doesn't work!

	Don't check trust level or for revoked keys.

	In-Reply-To: handled incorrectly with multiple compose windows.

	Many properties updates from the properties window don't take effect 
	until you exit the program and restart.

	Nym selection should be per-compose window, not global.

	'Add Key' button only adds the first key in the message.

	The code in x.c breaks on versions of GCC if compiled with 
	optimization enabled. If you can't 'save attachments' then
	recompile x.c without optimization.


Unimplemented features:

	When you save changes to the mail file, it throws away the
	signature verification and decrypted messages, so that the
	next time you view a message it must be verified or decrypted
	again.

	Currently if you send encrypted mail to multiple recipients, all must
	have valid encrpytion keys or you will have to send the message 
	decrypted. Also, the message will be sent encrypted to all users, not 
	just the one who is receiving each copy.

	Code should be more modular to assist with ports to Xt, Motif
	(under way), Mac, Windows, etc. I may port it to C++ in the near 
	future.

	Not very well documented!

	Encrypted messages are saved to mail files in encrypted form. There
	is currently no option to save messages in decrypted form.

	No support for anonymous return addresses.

	Not very well tested on Solaris 2.x, FreeBSD or SunOS.

	Limited support for attachments (either Sun, uuencode or MIME).

Changes for 0.90:

	Code now compiles on SGI IRIX!

	Mixmaster code now checks reliability before sending the
	message.

	I'm now shipping a modified version of Premail which doesn't
	verify signatures on decoded messages, but instead leaves them
	in place for Privtool to process.

	Fixed failure to strip prepending - marks when clearsigned
	message has bad signature.

	Changed scrollbar setting when opening a new mailbox or
	saving changes; we now display the first unread message if
	there are no new messages.

	Moved 'Print' button to reduce accidental printouts.

	Updating kill filters and pgp key mappings in the properties
	window now works without restarting the program.

Privtool can be compiled to either use PGP Tools, or to fork off a copy of
PGP whenever it is needed. There are also a number of different security
level options for the passphrase, varying from 'read it from PGPPASS and
keep it in memory' to 'request it every time and delete it as soon as
possible', via 'request it when neccesary and delete it if it's not used
for a while'.

I've now patched PGP Tools for Linux. The code is available on
utopia.hacktic.nl as pgptools.linux.1.0.tar.gz. The official Privtool
Web Page is at http://www.unicorn.com/privtool/privtool.html and the
release site ftp://utopia.hacktic.nl/pub/crypto/pgp/utils/privtool/.

See the README file for information on compiling the code, and the
user.doc file for user documentation (the little that currently 
exists). You should also ensure that you read the security concerns
section in user.doc before using the program.

		Mark Grant (mark@unicorn.com)



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Charset: noconv

iQC1AwUBM4stDqrJT5JmwV0FAQFJxAT/WCU8MEEMoFuXLgiqft7gcaf+9lWUpOTY
BBBHf2xRGCaaqD1s3ttjtLmj46FFsYhQONZGKHQR5JSQALbqcAwff/rwJW3+xOio
hwogSsSvbX3s6u3Pnq+h5WYagJT/RCfyLXa7z+eJTMdyY0HFxSLd/+ZAhyd98n1F
eMpYpai+R1r6CWFL7voPuFNhvw5I4b6sTQACHZEOlq/8ZnOnTBdNeg==
=qRD7
-----END PGP SIGNATURE-----