trunk/Doc/winpt.texi

\input texinfo

@setfilename WinPT

This file describes the Windows Privacy Tray program and its main functions

This file is free under the terms of the GNU General Public License v2.

Copyright (C) 2006 Timo Schulz

Version 0.1.0

@settitle WinPT - The Windows Privacy Tray; a free GPG front-end for Windows

@section Requirements for WinPT

First you need to have a working GnuPG 1.4 installtion on the machine you
plan to install WinPT. If you don't have GPG in your machine, please
visit http://www.gnupg.org and download the latest GPG version there.
It comes with a graphical installer so there is no need to do this
step manually.

You need at least Windows 98/2K/XP, but Windows XP or better is
recommend. The program also works on NT/95/ME but there is no support
for these OS versions any longer.

@section A short Introduction

WinPT is a graphical GnuPG front-end which resides in the task bar.
It is divided into several, so-called, managers. There is a manager
for the keyring, for files and for smart cards. The aim of the program
is to secure email communication and to perform file encryption.

@subsection What is GnuPG
GnuPG is a tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed Internet standard as described in RFC2440.

@subsection The Web of Trust
For a detailled description of these and other GnuPG topics, I
recommend the available literature at http://www.gnupg.org. But
at least a general overview should be given here.

The certification scheme of OpenPGP does not base on a hirachical
approach. Instead it uses a combination of ownertrust and direct
key certification. Here is an example with Alice, Bob, Carol and Dave.

Alice knows Bob and checked the fingerprint of Bob's key when he
met him personally. Thus she knows that the key really belongs to
its owner and he trusts Bob to certify other keys. Then she issued
a signature on Bob's key. Bob knows Carol and also checked her identity.
Then he signed her key. Alice does not know Carol, but he knows Bob
and Bob trusts Carol. And because Alice trusts Bob, at a level she
decided before, he also trusts Carol. It's a transitiv relation.
Dave is isolated and does not know anybody from the mentioned persons,
thus he is not in the WoT.
Another very important point is, that the signer can decide,
after the certification, how much he trusts the key owner to
certify other keys.

It is very important to check the identify of a key owner. Mostly
this is done by comparing the fingerprint, which were submitted
by phone or written down at a personal meeting, with the fingerprint
of the key in the keyring. Please bear in mind that anybody can create
a key with an email address and a specific name. Thus it is not
recommend to sign keys without doing this check before!

The fingerprint of the key is hexadecial (160-bit) sequence divided
into 10 groups of 4 hex digits. You can get the fingerprint of a key
by opening the key property dialog. There you can mark the fingerprint
and copy it to the clipboard.

Example: 1D75 8108 5BC9 D9FB E78B  2078 ED46 81C9 BF3D F9B4

It is a good idea to publish your fingerprint wherever possible.
For example via a business card or your website.

@section Installation of the Program

It is always recommend to use the latest version of the program. You
can download it from http://wald.intevation.org/projects/winpt.
Download the zip file with the binaries inside and unpack them in
a folder. All files need to be in the same folder, so if you change
the folder don't forget to move all files.
You should also download and verify the signature of the packet to 
make sure that the release is really authentic.

To activate the program you just need to start WinPT.exe. You should
now see a little (golden key) icon in the taskbar which indicates that 
the program is running. If you want to quit the program, right click
on the symbol and select "Exit".

Alternative, you may use one of the graphical GPG installers which
are available on the internet. I recommend to use Gpg4Win which
includes a set of very useful privacy tools, beside WinPT and it
is very easy to use with an average size (~4MB). For non-German
speaking users, I recommend the light version because it does not
contain the 2 German PDF manuals.

@subsection Getting the Source of the Program
As free software, according to the GNU General Public License,
WinPT also offers the source code for the program. It can be used
for reviews, to compile your own binary and/or to modify and/or
redistribute it or just to learn how it works. The source is available
at the same place you downloaded the binary. If not, you should
contact the author of the site.
The entire program can be build with free software; the default
environment is a cross-compiler hosted on a Linux box. All you
need is the mingw32 packages, a working autoconf environment
and the libs WinPT depends on (currently gpgme and libgpg-error).
It is also possible to build the binary with cygwin/mingw32 on
Windows but this environment is not actively supported and propably
needs adjustment of the source.

@subsection Configure the Program
After the installation not much of the default settings need to
be changed. If you prefer a special keyserver, it is propably a good 
idea to open the keyserver dialog and to set one of the existing 
keyservers as the default or create a new entry and mark it as the 
new default. The default keyserver is subkeys.pgp.net, which is
the best choice for most users.

@subsection GPG Options
For expert users, the GPG preference dialog might contain some
interesting options. For example to set the expiration date of
a signature and/or to set the signing level for key signing.
It also allows to set a default 'encrypt-to' key and to set
the comment in ASCII armored files.

@subsection Preferences
In the WinPT preference dialog, the user can modify and/or disable
the default options. For new users it is suggested to leave the
default values as they are, except when there are problems related
to the hotkeys.

To enable keyring backups, the user can either decide to use the
GPG home directory as the backup folder or any other folder. In
the latter case, a folder needs to be chosen.


@section The First Start

This section is only important for people who never installed
and/or used WinPT before.

When the program is started the first time, it offers two choices.
The one is to generate a key pair and the other is to copy
existing GPG keyrings into the current installation.

We assume the user will select the first entry.

Now a new dialog is shown which requests some information from
the user to allow a meaningful association between the key and
the user. If the user prefer RSA keys, the check box should be marked. 
If the entered data is OK, WinPT then generates a new key pair. As long
as this step takes, a progress dialog is shown to indicate the 
enduring process. When the generation of the keypair is done, WinPT 
offers the chance to backup the existing keyrings. This is definitely
an important decision because if the keyring will get corrupted
or lost, there is no way to recover the encrypted data. That is
why it is also important to store the backup, at least of the
secret keyring, at a @strong{safe} place.

@section Keyserver Access

An easy way to retrieve keys is the keyserver. You can think of
it like a huge database with a lot of keys as its content. It is 
possible to search keys by a pattern, a keyid or even a fingerprint.
WinPT allows to access different kind of keyservers. For example
LDAP, HKP, Finger and HTTP. But the focus will be set on HKP because
this is the common case.

In some situations WinPT asks the user whether to retrieve keys 
automatically. One example is the signature verification when the 
key that issued the signature was not found in the keyring.

The main keyserver dialog allows to fetch one or more keys directly
or to search for a given pattern.

@subsection Retrieve a key by Key ID
The best way to fetch a key from the server is by the key ID.
Just enter the key ID, it is always a good idea to prefix it
with 0x and click the "Receive" button.

An example:

pattern: 0xBF3DF9B4

[Receive]


@subsection Retrieve a key by its email address
If you only know the email address from your partner, you can
enter it instead of the key ID. It is unlikely but possible
that there are more keys with the same address. In this situation,
WinPT will warn you that multiple keys were imported. The difference
to the search function is, that the keys were dirctly fetched and
not displayed as a key result list.


An example:

pattern: name_of_friend@@gmx.net

[Receive]


@subsection Search for a key by pattern
If you want to communicate with a new mail partner and you are
not sure about the key ID, it can be useful to search for his
email address. This address is considered as quite unique.

An example:

pattern: winpt@@windows-privacy-tray.com

[Search]

Now a dialog is opened with a list of all keys which matched
the search string. If the name @strong{and} the email address
is known, the matching key should be selected and "Receive"
should be clicked. Then the key will be downloaded and added
to your keyring. Now you can encrypt data with this key, for
example an email.

@subsection Sending a Key to the Keyserver
After you generated a new key pair, it is a good idea to send your
key to the keyserver to make it available for other users. If you
issue a signature, the key ID is part of the signature and people can 
automatically retrieve your key when they try to verify the signature.

Actually, the action is performed in the Key Manager and not in the
keyserver dialog. Just open the Key Manager, select the key you want
to send right-click on it and chose "Send to Keyserver" in the popup
menu. Then a message box with the result is shown.

@subsection Add, Delete or Edit a Keyserver Entry
The keyserver dialog allow to change the existing keyserver entries,
to delete them or to add new entries. Just right click on a selected
item and a popup menu will be shown with ("Edit", "Remove" and "New").

@section Using the Clipboard

A major aim from the first day was, that the program does not
depend on a special mailer client. For this reason it uses the
clipboard to encrypt and/or sign data.
For the examples, let's assume that you want to write a new
mail or that you received a mail protected by GnuPG.

@subsection Encrypt Data in the Clipboard
Just copy the text from the mailer window into the clipboard.
This is usually done by CTRL+C, make sure you really selected
all portions of the text. Then right-click on the tray icon
and select Clipboard->Encryption. Now a dialog is shown to
select the recipients. This means you need to select all
keys which should be able to decrypt the mail. Confirm with "OK".
GnuPG now encrypts the data with the selected recipients. At the
end a message box with the result is shown. Now the clipboard should 
contain the encrypted data. Just paste it into the mailer window.
The output should contain a header and a footer
"BEGIN PGP MESSAGE" and "END PGP MESSAGE.

@subsection Decrypt/Verify Data from the Clipboard

@subsection Sign the Clipboard

@section The Key Manager

This part of the program is propably most important for many users.
It contains function to manage your keyring and to perform actions
which are required and/or useful in the OpenPGP environment.

@subsection Tips

@itemize @bullet

@item
If you want to import quickly a key from a into the keyring, just
drag and drop the file into the Key Manager window. Then the import
procedure will be automatically started.

@item
Key which were fetched from keyservers often contain a lot of,
maybe obsolete, self signatures, if you want to get rid of them
you can use the Key Edit->Clean feature. Just start the edit
dialog and select the clean command. That's it.

@item
The keyserver dialog does not allow to import a key directly
via an URL, as an alternative you may use the "Import HTTP..."
feature in the Key Manager. With it you can directly fetch keys
from the web (Example: http://www.users.my-isp.de/~joe/gpg-keys.asc).

@item
To customize the parameters of the generated key, you can use
the expert key generation. It allows you to set the public key
algorithm and/or the size of the key directly.

@item
Most of the list view based dialogs allow to use the right
mouse button, to show popup menus with available commands.

@end itemize

@subsection Create a Revocation Certificate

It is very important to do this step early as possible. With this
certificate, you can revoke your entire key. The reason for this
can be for example, that your key is no longer used or even compromised.
After you generated the revoc cert, you should move it to a secure place
because anybody who gets access to it, can render your key unuseable.

Just right-click on your key and select "Revoke Cert". If you do this
step directly after key generation, there is no need to change the 
default values. Just select a file name and enter the passphrase.
The program issues a warning which should be read carefully.

@subsection Adding a new Secondary Key

For most users the existing keys in the key pair are enough
and no extra key is needed. But there are some exceptions.

@itemize @bullet

@item
The primary key has no secondary key and the primary key is not
able to encrypt data. In this case it can be a good idea to
add a secondary encryption key.

@item
A lot of people use secondary encryption keys with an expiration
date. Usually the key is valid for 1-2 years. After the key is expired,
a new key is needed in order to encrypt data.

@end itemize

What kind of public key algorithm should be selected is a matter
of taste. RSA and ElGamal are both capable for encryption. For most
users it's a good idea to let the program chose the key size (in bits).
The default settings should be secure enough for most purposes.

@subsection Adding a new User ID
If you got a new email account, it's propably a good idea to
add these new account to your key also. For example:

A new account was registed at gmail.com (john.doo@@gmail.com).
Then you should create a new user ID with the following fields:

name: John Doo

email: john.doo@@gmail.com

comment: (optional)

Now email programs are able to associate this address with your
key when somebody wants to send you a protected mail to this account.

@subsection Adding a new Photographic ID
With this function you can add a photo to your public. It will be
displayed in the key property dialog.

You just need to select a JPEG file which contains the photo and
enter your passphrase and confirm with OK. Please read the note
in the dialog carefully to make sure the photo has a proper size
(file, height and weight).

@subsection Adding a new Designated Revoker
If you want to allow another key to revoke your own key, this
might be useful if you lost your secret or a simliar situation,
you can use this function to add a designated revoker to your key.

All you need to do is to select the key you want to add as a desig
revoker. But please bear in mind that this procedure cannot be undone
and that this person really has the power to make your public key
unuseable. You really should trust the selected key, in case it is
not a key owned by yourself.

@subsection Export a Public Key
There are several reason why to export a public key and there
are also several ways to do it. If you want to send the key
directly to a mail recipient, you can select the key, right-click,
and select "Send Key to Mail Recipient". As an alternative, you
can also export it to the clipboard or to a file. To export a
key to the clipboard, you can select "Copy key to Clipboard"
in the popup menu of the selected key. To export it to a file,
you need to select the menu "Key" and then "Export...". The
program will automatically suggest a name for the output.

@subsection Import a Public Key
Similar to the key import, the import of a key can be done in
several ways. First, let's assume you got a mail with an OpenPGP
key included as inline text. Then you can use the current window
feature and "Decrypt/Verify" to import the key. Alternative you
also may use the clipboard. To achieve this, you first need to
select the entire key (CTRL+A) and then copy it to the clipboard
(CTRL+C), then use the Key Manager (Edit->Paste) to import it.
If the key is stored as an attachment, or you want to import
a key from a file in general, just drag the file and drop it
into the Key Manager window or use "Key" -> "Import...".

@subsection Sign a Public Key
If you verified that a key really belongs to its owner, you
should sign the key to integrate it into your Web of Trust
and also to mark the key as valid in your keyring. Do not sign
a key you just got via email with the request to sign it. Anybody
can create a key with your (or better ANY) name, these information 
are no hint to whom the key really belongs. You can check a key 
by meeting or calling the key owner and verify the key fingerprint 
of the key with the one published by the key owner. Additional checks
should be to watch at his driver license or the identity card to make
sure that name of the key matches the name of the key owner. After
this procedure is done, you can open the Key Manager, select the
right key and either use the context menu "Sign Key" or use the
toolbar button.

The next dialog will summarize the key information and some
additional options. For example if the signature should be
local or exportable. Local means the signature will be stripped
if you export the key and no one else except you can use it to
calculate the validity. If you mark the signature exportable,
any other user can see and use it. Now you can select the key
you want to use to sign and enter the passphrase. Confirm with "OK"
and the key will be signed. Now the validity of the new key is
"Full". It is propably a good idea to set the ownertrust of the
key. For a detailled description, see the chapter "Key Ownertrust".

@subsection Key Ownertrust
First we should explain what the ownertrust of a key is. The ownertrust
is a measurement how much you trust somebody to certify and check keys
of other people. For example, if you know that Bob is really the owner
of the key, you should sign it. But he is also known to sign other keys
without checking the idenity of the other key owner. Values for the
ownertrust are 1) Don't Know 2) Don't Trust 3) Marginal 4) Full
and thus you should propably use an ownertrust value like "Marginal".
But this is a personal decision and stored in a separate file and
never exported with the public keys. For further information, please
take a look into the GNU Privacy Handbook.
Just a last work on Key Pairs, they are automatically marked as
"Ultimate" because the key belongs to you and you trust it implicit.

@bye