PGP 5 Tips:
Getting good cryptography into as many hands as possible as quickly as
Nota Bene: I do not pretend that the solutions I recommend are the
only ones available, just that they appear to be the best ones I
know of, and I wanted to make sure to avoid as many points of
confusion as possible.
- Generating and using Keys:
Use only RSA keys. This single item will avoid more
compatibility problems with PGP 5 than anything else
(specifically compatibility problems between PGP 5 and
older versions of PGP).
- If you're using the US freeware version or the
US "payware" version 5.5 or later (which are unable
to generate RSA keys), you've got three options:
- Import RSA keys from a previous version
- Upgrade to the full-featured "payware"
(pre-5.5) version, if you can find it
- "Upgrade" to the old version 2.6.x code,
so that you maintain backward compatibility
by using the old code
I cannot recommend allowing a friend to generate
the key for you using his RSA-capable version of
PGP -- I don't trust anyone that much.
- Assuming you take the first of the above three
options, the proper way to import your keys into
PGP 5 is to import the public key part first,
re-assign trust models to it, then import the secret
key part. Doing these steps in any other order
will almost certainly cause you to lose the trust
associations you set, and you'll end up having to
do that work over again.
- If you got PGP 5.x as a part of Eudora 3.x (or
greater), the version you have is unable to support
RSA keys in any fashion. You need to upgrade to
the full-featured "payware" (pre-5.5) version.
PGP, Inc may still be running a Eudora-specific $5.00
upgrade program, but it probably won't get you a
pre-5.5 version. Just in case, see http://www.pgp.com/products/eudora.cgi.
- PGP "payware" 5.5 and later are totally incapable of
generating RSA keys. If you want to generate RSA keys,
you have to use an older version -- either the 2.6.x
code or the "payware" pre-5.5 versions.
- HKP keyserver problems:
If you're having problems getting through to one of the
Horowitz Key Protocol (HKP) servers on port 11371 (e.g.,
pgpkeys.mit.edu, horowitz.surfnet.nl, etc...), you have
- Mixed RSA and DH/DSS recipients:
If you have to send a message to several recipients, and
some of them have RSA keys (PGP 5 and earlier) and some of
them have Diffie-Hellman/DSS keys (PGP 5 and above), you
should split the set of recipients up by the type of key
they have and send two copies of it (one copy to only DH/DSS
recipients and one copy to only RSA recipients). This way,
any recipients who do not yet have PGP 5 will still be able
to read your message.
If you were to send just one copy of the message to a mixture
of DH/DSS and RSA keyholders, you would run the risk that older
versions of PGP will not know how to deal with the session
keys that have been encrypted for the DH/DSS keyholders, and
therefore they'll be unable to read the message.
Fortunately, at least some versions of PGP 5.x are aware
of this problem and will try to help you do "The Right
- Message formatting with PGP/MIME:
- Note that the most recent versions of many MUAs will
default to using PGP/MIME format (see RFC 2015), and
will typically request that you choose the
signing/encrypting key and provide your passphrase at
the time you connect to your mail server to deliver
your mail message, as opposed to when you queue the
message for later delivery. If you set things on
automatic and walk away, this could cause the connection
to time out and not deliver any messages after the
first one that required your interaction at the keyboard.
- Although PGP/MIME is a standards-track RFC, there are
still a wide variety of programs that do not understand
it at all, or provide only minimal support for it. If
at all possible, configure your programs so that they
generate what I like to call "PGP Classic" format (so
that they have the "--- BEGIN PGP MESSAGE ---"
and "--- END PGP MESSAGE ---"
type headers and footers with
integral signatures), but understand both "PGP Classic"
- If you use PGP/MIME, be aware that some mailing list
mangers (e.g., Listserv) may munge your PGP-signed messages,
unless they've set "Translate=No" for the list
(this is a well-known problem and documented in section 3
of RFC 2015). Your options are:
- Configure your MUA to use "PGP Classic" format
instead of PGP/MIME
- Figure out how to get your MUA to default to a
Content-transfer-encoding of Quoted-Printable instead
of US-ASCII (note that this may have some
collateral problems, as there is good reason why
the Europeans refer to quoted-printable as
- Copyright and patent law issues:
If you're in the US, don't think that by grabbing the
International version and linking it against RSAREF
that you've solved all your problems. This would solve
the RSA licensing problems, but does not solve the
problem that PGP is copyrighted in the US, and PGP,
Inc. has released only certain specific programs for
noncommercial freely available use in the US. Given
the recent laws that have been passed regarding copyright
and extremely stiff punishments for violations thereof,
this is not a sort of activity that I can condone.
- Version availability:
Be advised that PGP 5.x is not yet available for MS-DOS
or Microsoft Windows 3.x (and probably never will be,
at least not in the US), and only beta releases of the
International version are available for many forms of
Unix. If you get the International version source
code, you need to make sure that you compile it in a
manner that will be legal for use in your country, both
with respect to the RSA algorithms and their
implementation, as well as the copyright issues of the
PGP code itself.
- Signing keys:
- RSA Keys. Do not use DH/DSS keys to sign RSA keys.
If the person whose RSA key you are signing doesn't
have PGP 5.x, then the newly signed key will be unreadable
and unusable to them -- they won't be able to import
your DSS signature.
- DH/DSS keys. While it is unlikely to mess anything
up to sign a DH/DSS key with an RSA key, you should
sign a DH/DSS key with another DH/DSS key, if at all
possible. There may be a time in the future when all
RSA support has been removed from all PGP products,
and the presence of an RSA signature on your DH/DSS
key may present problems.
Many thanks to the posters of comp.security.pgp.discuss
for some of the above items.
If you have any comments, please email me at