24 |
recommend. The program also works on NT/95/ME but there is no support |
recommend. The program also works on NT/95/ME but there is no support |
25 |
for these OS versions any longer. |
for these OS versions any longer. |
26 |
|
|
27 |
|
@section A short Introduction |
28 |
|
WinPT is a graphical GnuPG front-end which resides in the task bar. |
29 |
|
It is divided into several, so-called, managers. There is a manager |
30 |
|
for the keyring, for files and for smart cards. The aim of the program |
31 |
|
is to secure email communication and to perform file encryption. |
32 |
|
|
33 |
|
@subsection What is GnuPG |
34 |
|
GnuPG is a tool for secure communication and data storage. |
35 |
|
It can be used to encrypt data and to create digital signatures. |
36 |
|
It includes an advanced key management facility and is compliant |
37 |
|
with the proposed Internet standard as described in RFC2440. |
38 |
|
|
39 |
|
@subsection The Web of Trust |
40 |
|
For a detailled description of these and other GnuPG topics, I |
41 |
|
recommend the available literature at http://www.gnupg.org. But |
42 |
|
at least a general overview should be given here. |
43 |
|
|
44 |
|
The certification scheme of OpenPGP does not base on a hirachical |
45 |
|
approach. Instead it uses a combination of ownertrust and direct |
46 |
|
key certification. Here is an example with Alice, Bob, Carol and Dave. |
47 |
|
|
48 |
|
Alice knows Bob and checked the fingerprint of Bob's key when he |
49 |
|
met him personally. Thus she knows that the key really belongs to |
50 |
|
its owner and he trusts Bob to certify other keys. Then she issued |
51 |
|
a signature on Bob's key. Bob knows Carol and also checked her identity. |
52 |
|
Then he signed her key. Alice does not know Carol, but he knows Bob |
53 |
|
and Bob trusts Carol. And because Alice trusts Bob, at a level she |
54 |
|
decided before, he also trusts Carol. It's a transitiv relation. |
55 |
|
Dave is isolated and does not know anybody from the mentioned persons, |
56 |
|
thus he is not in the WoT. |
57 |
|
Another very important point is, that the signer can decide, |
58 |
|
after the certification, how much he trusts the key owner to |
59 |
|
certify other keys. |
60 |
|
|
61 |
|
It is very important to check the identify of a key owner. Mostly |
62 |
|
this is done by comparing the fingerprint, which were submitted |
63 |
|
by phone or written down at a personal meeting, with the fingerprint |
64 |
|
of the key in the keyring. Please bear in mind that anybody can create |
65 |
|
a key with an email address and a specific name. Thus it is not |
66 |
|
recommend to sign keys without doing this check before! |
67 |
|
|
68 |
|
The fingerprint of the key is hexadecial (160-bit) sequence divided |
69 |
|
into 10 groups of 4 hex digits. You can get the fingerprint of a key |
70 |
|
by opening the key property dialog. There you can mark the fingerprint |
71 |
|
and copy it to the clipboard. |
72 |
|
|
73 |
|
Example: 1D75 8108 5BC9 D9FB E78B 2078 ED46 81C9 BF3D F9B4 |
74 |
|
|
75 |
@section Installation of the Program |
@section Installation of the Program |
76 |
|
|
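Review bot: The Alice/Bob/Carol paragraph confuses key validity with ownertrust where it says "Bob trusts Carol" and concludes "It's a transitiv relation". The preceding lines describe Bob certifying Carol's key, so the result for Alice is that Carol's key is valid because Alice trusts Bob as a certifier, not that Alice now trusts Carol to certify further keys. The following paragraph ("the signer can decide, after the certification, how much he trusts the key owner to certify other keys") says as much and contradicts the transitivity claim. Suggest wording along the lines of "Bob certified Carol's key, so Alice considers Carol's key valid". In the same paragraph the pronouns for Alice switch between "she" and "he" ("when he met him", "he trusts Bob", "he knows Bob"), and these spellings should be fixed before merge: "detailled", "hirachical", "transitiv", "identify of a key owner", "hexadecial", "not recommend".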
79 |
Download the zip file with the binaries inside and unpack them in |
Download the zip file with the binaries inside and unpack them in |
80 |
a folder. All files need to be in the same folder, so if you change |
a folder. All files need to be in the same folder, so if you change |
81 |
the folder don't forget to move all files. |
the folder don't forget to move all files. |
82 |
|
You should also download and verify the signature of the packet to |
83 |
|
make sure that the release is really authentic. |
84 |
|
|
85 |
To activate the program you just need to start WinPT.exe. You should |
To activate the program you just need to start WinPT.exe. You should |
86 |
now see a little (golden key) icon in the taskbar which indicates that |
now see a little (golden key) icon in the taskbar which indicates that |
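Review bot: The added sentence "You should also download and verify the signature of the packet" gives the reader nothing to verify against: it names neither where the signature file is published nor which key must have made it. Suggest stating the fingerprint of the release signing key at this point (the fingerprint format is already introduced under "The Web of Trust") and saying that a valid signature from any other key counts as a failed check. "packet" probably should read "package".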
117 |
|
|
118 |
To enable keyring backups, the user can either decide to use the |
To enable keyring backups, the user can either decide to use the |
119 |
GPG home directory as the backup folder or any other folder. In |
GPG home directory as the backup folder or any other folder. In |
120 |
the latter case, a folder needs to be chosen. If the backup should |
the latter case, a folder needs to be chosen. |
|
also include the secret keyring, please check the corresponding box. |
|
121 |
|
|
122 |
|
|
123 |
@section The First Start |
@section The First Start |
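Review bot: The new sentence about including the secret keyring in the backup needs a caveat, because the paragraph allows "any other folder" as the target. A copy of the secret keyring is protected only by its passphrase once it leaves the GPG home directory, so the text should tell the user to choose a folder that other accounts, network shares and sync tools cannot read. It would also help to say whether the box is checked by default.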
158 |
or to search for a given pattern. |
or to search for a given pattern. |
159 |
|
|
160 |
@subsection Retrieve a key by Key ID |
@subsection Retrieve a key by Key ID |
161 |
|
The best way to fetch a key from the server is by the key ID. |
162 |
|
Just enter the key ID, it is always a good idea to prefix it |
163 |
|
with 0x and click the "Receive" button. |
164 |
|
|
165 |
|
An example: |
166 |
|
|
167 |
|
pattern: 0xBF3DF9B4 |
168 |
|
|
169 |
|
[Receive] |
170 |
|
|
171 |
|
|
172 |
@subsection Retrieve a key by its email address |
@subsection Retrieve a key by its email address |
173 |
|
If you only know the email address from your partner, you can |
174 |
|
enter it instead of the key ID. It is unlikely but possible |
175 |
|
that there are more keys with the same address. In this situation, |
176 |
|
WinPT will warn you that multiple keys were imported. The difference |
177 |
|
to the search function is, that the keys were dirctly fetched and |
178 |
|
not displayed as a key result list. |
179 |
|
|
180 |
|
|
181 |
|
An example: |
182 |
|
|
183 |
|
pattern: name_of_friend@@gmx.net |
184 |
|
|
185 |
|
[Receive] |
186 |
|
|
187 |
|
|
188 |
@subsection Search for a key by pattern |
@subsection Search for a key by pattern |
189 |
If you want to communicate with a new mail partner and you are |
If you want to communicate with a new mail partner and you are |
192 |
|
|
193 |
An example: |
An example: |
194 |
|
|
195 |
pattern: twoaday@@freakmail.de |
pattern: winpt@@windows-privacy-tray.com |
196 |
|
|
197 |
[Search] |
[Search] |
198 |
|
|
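Review bot: "The best way to fetch a key from the server is by the key ID" is illustrated with the 8-digit ID 0xBF3DF9B4, and a 32-bit ID is short enough that an unrelated key with the same ID can be generated and uploaded to a keyserver. Suggest recommending the 16-digit long key ID or the full fingerprint as the pattern where the dialog accepts it, and adding one sentence to both the key ID and the email subsections that the fingerprint of the imported key must be compared as described under "The Web of Trust". This matters most for the email variant, which per the text imports every match directly without showing a result list. Minor: "dirctly".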
203 |
to your keyring. Now you can encrypt data with this key, for |
to your keyring. Now you can encrypt data with this key, for |
204 |
example an email. |
example an email. |
205 |
|
|
206 |
@section Adding new elements to your key |
@subsection Sending a Key to the Keyserver |
207 |
|
After you generated a new key pair, it is a good idea to send your |
208 |
|
key to the keyserver to make it available for other users. If you |
209 |
|
issue a signature, the key ID is part of the signature and people can |
210 |
|
automatically retrieve your key when they try to verify the signature. |
211 |
|
|
212 |
|
Actually, the action is performed in the Key Manager and not in the |
213 |
|
keyserver dialog. Just open the Key Manager, select the key you want |
214 |
|
to send right-click on it and chose "Send to Keyserver" in the popup |
215 |
|
menu. Then a message box with the result is shown. |
216 |
|
|
217 |
|
@subsection Add, Delete or Edit a Keyserver Entry |
218 |
|
The keyserver dialog allow to change the existing keyserver entries, |
219 |
|
to delete them or to add new entries. Just right click on a selected |
220 |
|
item and a popup menu will be shown with ("Edit", "Remove" and "New"). |
221 |
|
|
222 |
|
@section Using the Clipboard |
223 |
|
A major aim from the first day was, that the program does not |
224 |
|
depend on a special mailer client. For this reason it uses the |
225 |
|
clipboard to encrypt and/or sign data. |
226 |
|
For the examples, let's assume that you want to write a new |
227 |
|
mail or that you received a mail protected by GnuPG. |
228 |
|
|
229 |
|
@subsection Encrypt Data in the Clipboard |
230 |
|
Just copy the text from the mailer window into the clipboard. |
231 |
|
This is usually done by CTRL+C, make sure you really selected |
232 |
|
all portions of the text. Then right-click on the tray icon |
233 |
|
and select Clipboard->Encryption. Now a dialog is shown to |
234 |
|
select the recipients. This means you need to select all |
235 |
|
keys which should be able to decrypt the mail. Confirm with "OK". |
236 |
|
GnuPG now encrypts the data with the selected recipients. At the |
237 |
|
end a message box with the result is shown. Now the clipboard should |
238 |
|
contain the encrypted data. Just paste it into the mailer window. |
239 |
|
The output should contain a header and a footer |
240 |
|
"BEGIN PGP MESSAGE" and "END PGP MESSAGE. |
241 |
|
|
242 |
|
@subsection Decrypt/Verify Data from the Clipboard |
243 |
|
|
244 |
|
@subsection Sign the Clipboard |
245 |
|
|
246 |
|
@section The Key Manager |
247 |
|
This part of the program is propably most important for many users. |
248 |
|
It contains function to manage your keyring and to perform actions |
249 |
|
which are required and/or useful in the OpenPGP environment. |
250 |
|
|
251 |
|
@subsection Tips |
252 |
|
|
253 |
|
@itemize @bullet |
254 |
|
|
255 |
|
@item |
256 |
|
If you want to import quickly a key from a into the keyring, just |
257 |
|
drag and drop the file into the Key Manager window. Then the import |
258 |
|
procedure will be automatically started. |
259 |
|
|
260 |
|
@item |
261 |
|
Key which were fetched from keyservers often contain a lot of, |
262 |
|
maybe obsolete, self signatures, if you want to get rid of them |
263 |
|
you can use the Key Edit->Clean feature. Just start the edit |
264 |
|
dialog and select the clean command. That's it. |
265 |
|
|
266 |
|
@item |
267 |
|
The keyserver dialog does not allow to import a key directly |
268 |
|
via an URL, as an alternative you may use the "Import HTTP..." |
269 |
|
feature in the Key Manager. With it you can directly fetch keys |
270 |
|
from the web (Example: http://www.users.my-isp.de/~joe/gpg-keys.asc). |
271 |
|
|
272 |
|
@item |
273 |
|
To customize the parameters of the generated key, you can use |
274 |
|
the expert key generation. It allows you to set the public key |
275 |
|
algorithm and/or the size of the key directly. |
276 |
|
|
277 |
|
@end itemize |
278 |
|
|
279 |
@subsection Adding a new secondary key |
@subsection Adding a new secondary key |
280 |
|
|
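Review bot: The "Import HTTP..." tip fetches a key from a plain http:// URL and says nothing about checking what arrived. Anything on the network path can replace the key file in transit, so the item should end with a pointer to the fingerprint comparison from "The Web of Trust" before the key is used or signed. Also in this hunk: the subsections "Decrypt/Verify Data from the Clipboard" and "Sign the Clipboard" are added with no body; the closing quote after END PGP MESSAGE is missing; the first tip reads "import quickly a key from a into the keyring" with the word "file" dropped; and replacing "@section Adding new elements to your key" leaves "@subsection Adding a new secondary key" under "The Key Manager" directly after the Tips list, which should be confirmed as intended.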