8 |
|
|
9 |
Copyright (C) 2006 Timo Schulz |
Copyright (C) 2006 Timo Schulz |
10 |
|
|
11 |
Version 0.0.0 |
Version 0.1.0 |
12 |
|
|
13 |
@settitle WinPT - The Windows Privacy Tray; a free GPG front-end for Windows |
@settitle WinPT - The Windows Privacy Tray; a free GPG front-end for Windows |
14 |
|
|
25 |
for these OS versions any longer. |
for these OS versions any longer. |
26 |
|
|
27 |
@section A short Introduction |
@section A short Introduction |
28 |
|
|
29 |
WinPT is a graphical GnuPG front-end which resides in the task bar. |
WinPT is a graphical GnuPG front-end which resides in the task bar. |
30 |
It is divided into several, so-called, managers. There is a manager |
It is divided into several, so-called, managers. There is a manager |
31 |
for the keyring, for files and for smart cards. The aim of the program |
for the keyring, for files and for smart cards. The aim of the program |
73 |
|
|
74 |
Example: 1D75 8108 5BC9 D9FB E78B 2078 ED46 81C9 BF3D F9B4 |
Example: 1D75 8108 5BC9 D9FB E78B 2078 ED46 81C9 BF3D F9B4 |
75 |
|
|
76 |
|
It is a good idea to publish your fingerprint wherever possible. |
77 |
|
For example via a business card or your website. |
78 |
|
|
79 |
@section Installation of the Program |
@section Installation of the Program |
80 |
|
|
81 |
It is always recommend to use the latest version of the program. You |
It is always recommend to use the latest version of the program. You |
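Review bot: The two lines added at 76-77 tell the reader to publish the fingerprint but not what a correspondent is meant to do with it. Add a sentence saying that the published value lets others compare it against the fingerprint of the key they have imported. "For example via a business card or your website." is also a sentence fragment and reads better joined to the previous sentence with a comma.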
98 |
speaking users, I recommend the light version because it does not |
speaking users, I recommend the light version because it does not |
99 |
contain the 2 German PDF manuals. |
contain the 2 German PDF manuals. |
100 |
|
|
101 |
|
@subsection Getting the Source of the Program |
102 |
|
As free software, according to the GNU General Public License, |
103 |
|
WinPT also offers the source code for the program. It can be used |
104 |
|
for reviews, to compile your own binary and/or to modify and/or |
105 |
|
redistribute it or just to learn how it works. The source is available |
106 |
|
at the same place you downloaded the binary. If not, you should |
107 |
|
contact the author of the site. |
108 |
|
The entire program can be build with free software; the default |
109 |
|
environment is a cross-compiler hosted on a Linux box. All you |
110 |
|
need is the mingw32 packages, a working autoconf environment |
111 |
|
and the libs WinPT depends on (currently gpgme and libgpg-error). |
112 |
|
It is also possible to build the binary with cygwin/mingw32 on |
113 |
|
Windows but this environment is not actively supported and propably |
114 |
|
needs adjustment of the source. |
115 |
|
|
116 |
@subsection Configure the Program |
@subsection Configure the Program |
117 |
After the installation not much of the default settings need to |
After the installation not much of the default settings need to |
118 |
be changed. If you prefer a special keyserver, it is propably a good |
be changed. If you prefer a special keyserver, it is propably a good |
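Review bot: In the new "Getting the Source of the Program" subsection there is no empty line between 107 and 108, so Texinfo will run "contact the author of the site." and "The entire program can be build with free software" into one paragraph; insert a blank line if these are meant as two paragraphs. Because lines 104-105 offer the source "to compile your own binary", consider also telling the reader how to check that the downloaded source is the authentic release, which the text currently leaves out. Wording: "can be build" should be "can be built" and "propably" (113) should be "probably".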
140 |
|
|
141 |
|
|
142 |
@section The First Start |
@section The First Start |
143 |
|
|
144 |
This section is only important for people who never installed |
This section is only important for people who never installed |
145 |
and/or used WinPT before. |
and/or used WinPT before. |
146 |
|
|
163 |
secret keyring, at a @strong{safe} place. |
secret keyring, at a @strong{safe} place. |
164 |
|
|
165 |
@section Keyserver Access |
@section Keyserver Access |
166 |
|
|
167 |
An easy way to retrieve keys is the keyserver. You can think of |
An easy way to retrieve keys is the keyserver. You can think of |
168 |
it like a huge database with a lot of keys as its content. It is |
it like a huge database with a lot of keys as its content. It is |
169 |
possible to search keys by a pattern, a keyid or even a fingerprint. |
possible to search keys by a pattern, a keyid or even a fingerprint. |
241 |
item and a popup menu will be shown with ("Edit", "Remove" and "New"). |
item and a popup menu will be shown with ("Edit", "Remove" and "New"). |
242 |
|
|
243 |
@section Using the Clipboard |
@section Using the Clipboard |
244 |
|
|
245 |
A major aim from the first day was, that the program does not |
A major aim from the first day was, that the program does not |
246 |
depend on a special mailer client. For this reason it uses the |
depend on a special mailer client. For this reason it uses the |
247 |
clipboard to encrypt and/or sign data. |
clipboard to encrypt and/or sign data. |
266 |
@subsection Sign the Clipboard |
@subsection Sign the Clipboard |
267 |
|
|
268 |
@section The Key Manager |
@section The Key Manager |
269 |
|
|
270 |
This part of the program is propably most important for many users. |
This part of the program is propably most important for many users. |
271 |
It contains function to manage your keyring and to perform actions |
It contains function to manage your keyring and to perform actions |
272 |
which are required and/or useful in the OpenPGP environment. |
which are required and/or useful in the OpenPGP environment. |
297 |
the expert key generation. It allows you to set the public key |
the expert key generation. It allows you to set the public key |
298 |
algorithm and/or the size of the key directly. |
algorithm and/or the size of the key directly. |
299 |
|
|
300 |
|
@item |
301 |
|
Most of the list view based dialogs allow to use the right |
302 |
|
mouse button, to show popup menus with available commands. |
303 |
|
|
304 |
@end itemize |
@end itemize |
305 |
|
|
306 |
@subsection Adding a new secondary key |
@subsection Create a Revocation Certificate |
307 |
|
|
308 |
|
It is very important to do this step early as possible. With this |
309 |
|
certificate, you can revoke your entire key. The reason for this |
310 |
|
can be for example, that your key is no longer used or even compromised. |
311 |
|
After you generated the revoc cert, you should move it to a secure place |
312 |
|
because anybody who gets access to it, can render your key unuseable. |
313 |
|
|
314 |
|
Just right-click on your key and select "Revoke Cert". If you do this |
315 |
|
step directly after key generation, there is no need to change the |
316 |
|
default values. Just select a file name and enter the passphrase. |
317 |
|
The program issues a warning which should be read carefully. |
318 |
|
|
319 |
|
@subsection Adding a new Secondary Key |
320 |
|
|
321 |
For most users the existing keys in the key pair are enough |
For most users the existing keys in the key pair are enough |
322 |
and no extra key is needed. But there are some exceptions. |
and no extra key is needed. But there are some exceptions. |
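Review bot: The paragraph at 308-312 says to move the certificate "to a secure place" but does not explain why the file is so sensitive. Creating it needs the passphrase (316), while using the finished file does not, so the text should say this and recommend keeping the file apart from the keyring it revokes. Line 317 mentions "a warning which should be read carefully" without saying what it warns about; a one-sentence summary would help. Wording: "early as possible" (308) should be "as early as possible", "revoc cert" (311) should be spelled out, and "unuseable" (312) should be "unusable".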
340 |
users it's a good idea to let the program chose the key size (in bits). |
users it's a good idea to let the program chose the key size (in bits). |
341 |
The default settings should be secure enough for most purposes. |
The default settings should be secure enough for most purposes. |
342 |
|
|
343 |
@subsection Adding a new user ID |
@subsection Adding a new User ID |
344 |
If you got a new email account, it's propably a good idea to |
If you got a new email account, it's propably a good idea to |
345 |
add these new account to your key also. For example: |
add these new account to your key also. For example: |
346 |
|
|
356 |
Now email programs are able to associate this address with your |
Now email programs are able to associate this address with your |
357 |
key when somebody wants to send you a protected mail to this account. |
key when somebody wants to send you a protected mail to this account. |
358 |
|
|
359 |
@subsection Adding a photographic ID |
@subsection Adding a new Photographic ID |
360 |
With this function you can add a photo to your public. It will be |
With this function you can add a photo to your public. It will be |
361 |
displayed in the key property dialog. |
displayed in the key property dialog. |
362 |
|
|
365 |
in the dialog carefully to make sure the photo has a proper size |
in the dialog carefully to make sure the photo has a proper size |
366 |
(file, height and weight). |
(file, height and weight). |
367 |
|
|
368 |
@subsection Adding a new designated revoker |
@subsection Adding a new Designated Revoker |
369 |
If you want to allow another key to revoke your own key, this |
If you want to allow another key to revoke your own key, this |
370 |
might be useful if you lost your secret or a simliar situation, |
might be useful if you lost your secret or a simliar situation, |
371 |
you can use this function to add a designated revoker to your key. |
you can use this function to add a designated revoker to your key. |
376 |
unuseable. You really should trust the selected key, in case it is |
unuseable. You really should trust the selected key, in case it is |
377 |
not a key owned by yourself. |
not a key owned by yourself. |
378 |
|
|
379 |
|
@subsection Export a Public Key |
380 |
|
There are several reason why to export a public key and there |
381 |
|
are also several ways to do it. If you want to send the key |
382 |
|
directly to a mail recipient, you can select the key, right-click, |
383 |
|
and select "Send Key to Mail Recipient". As an alternative, you |
384 |
|
can also export it to the clipboard or to a file. To export a |
385 |
|
key to the clipboard, you can select "Copy key to Clipboard" |
386 |
|
in the popup menu of the selected key. To export it to a file, |
387 |
|
you need to select the menu "Key" and then "Export...". The |
388 |
|
program will automatically suggest a name for the output. |
389 |
|
|
390 |
|
@subsection Import a Public Key |
391 |
|
Similar to the key import, the import of a key can be done in |
392 |
|
several ways. First, let's assume you got a mail with an OpenPGP |
393 |
|
key included as inline text. Then you can use the current window |
394 |
|
feature and "Decrypt/Verify" to import the key. Alternative you |
395 |
|
also may use the clipboard. To achieve this, you first need to |
396 |
|
select the entire key (CTRL+A) and then copy it to the clipboard |
397 |
|
(CTRL+C), then use the Key Manager (Edit->Paste) to import it. |
398 |
|
If the key is stored as an attachment, or you want to import |
399 |
|
a key from a file in general, just drag the file and drop it |
400 |
|
into the Key Manager window or use "Key" -> "Import...". |
401 |
|
|
402 |
|
@subsection Sign a Public Key |
403 |
|
If you verified that a key really belongs to its owner, you |
404 |
|
should sign the key to integrate it into your Web of Trust |
405 |
|
and also to mark the key as valid in your keyring. Do not sign |
406 |
|
a key you just got via email with the request to sign it. Anybody |
407 |
|
can create a key with your (or better ANY) name, these information |
408 |
|
are no hint to whom the key really belongs. You can check a key |
409 |
|
by meeting or calling the key owner and verify the key fingerprint |
410 |
|
of the key with the one published by the key owner. Additional checks |
411 |
|
should be to watch at his driver license or the identity card to make |
412 |
|
sure that name of the key matches the name of the key owner. After |
413 |
|
this procedure is done, you can open the Key Manager, select the |
414 |
|
right key and either use the context menu "Sign Key" or use the |
415 |
|
toolbar button. |
416 |
|
|
417 |
|
The next dialog will summarize the key information and some |
418 |
|
additional options. For example if the signature should be |
419 |
|
local or exportable. Local means the signature will be stripped |
420 |
|
if you export the key and no one else except you can use it to |
421 |
|
calculate the validity. If you mark the signature exportable, |
422 |
|
any other user can see and use it. Now you can select the key |
423 |
|
you want to use to sign and enter the passphrase. Confirm with "OK" |
424 |
|
and the key will be signed. Now the validity of the new key is |
425 |
|
"Full". It is propably a good idea to set the ownertrust of the |
426 |
|
key. For a detailled description, see the chapter "Key Ownertrust". |
427 |
|
|
428 |
|
@subsection Key Ownertrust |
429 |
|
First we should explain what the ownertrust of a key is. The ownertrust |
430 |
|
is a measurement how much you trust somebody to certify and check keys |
431 |
|
of other people. For example, if you know that Bob is really the owner |
432 |
|
of the key, you should sign it. But he is also known to sign other keys |
433 |
|
without checking the idenity of the other key owner. Values for the |
434 |
|
ownertrust are 1) Don't Know 2) Don't Trust 3) Marginal 4) Full |
435 |
|
and thus you should propably use an ownertrust value like "Marginal". |
436 |
|
But this is a personal decision and stored in a separate file and |
437 |
|
never exported with the public keys. For further information, please |
438 |
|
take a look into the GNU Privacy Handbook. |
439 |
|
Just a last work on Key Pairs, they are automatically marked as |
440 |
|
"Ultimate" because the key belongs to you and you trust it implicit. |
441 |
|
|
442 |
@bye |
@bye |
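Review bot: Line 391 in "Import a Public Key" opens with "Similar to the key import, the import of a key can be done in", which compares import with itself; the preceding subsection is about export, so this should read "Similar to the key export". In "Key Ownertrust", the list of values at 434 sits in the middle of the Bob example, so "and thus you should propably use an ownertrust value like "Marginal"" (435) appears to follow from the list rather than from Bob signing keys without checking identities; move the list ahead of the example. In "Sign a Public Key", lines 417-422 explain local versus exportable signatures but give no guidance on which to choose. Wording: "Alternative you also may" (394-395), "these information are" (407-408), "to watch at his driver license" (411), "detailled" (426), "idenity" (433), "Just a last work" (439) and "trust it implicit" (440) need correcting.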