/[winpt]/trunk/doc/winpt.texi
ViewVC logotype

Diff of /trunk/doc/winpt.texi

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 227 by twoaday, Wed Jun 14 06:57:57 2006 UTC revision 263 by twoaday, Sat Sep 30 10:24:47 2006 UTC
# Line 4  Line 4 
4    
5  This file describes the Windows Privacy Tray program and its main functions  This file describes the Windows Privacy Tray program and its main functions
6    
 This file is free under the terms of the GNU General Public License v2.  
   
7  Copyright (C) 2006 Timo Schulz  Copyright (C) 2006 Timo Schulz
8    Version 1.2.0
9    
10  Version 0.1.0  @settitle WinPT - The Windows Privacy Tray; a free GPG front-end
   
 @settitle WinPT - The Windows Privacy Tray; a free GPG front-end for Windows  
11    
12  @section Requirements for WinPT  @section Requirements for WinPT
13    
14  First you need to have a working GnuPG 1.4 installtion on the machine you  First you need to have a working GnuPG 1.4 installtion on the machine you plan to install WinPT.
15  plan to install WinPT. If you don't have GPG in your machine, please  If you do not have GPG in your machine, please visit http://www.gnupg.org and download the latest
16  visit http://www.gnupg.org and download the latest GPG version there.  GPG version there. It comes with a graphical installer so there is no need to do the
17  It comes with a graphical installer so there is no need to do this  installation manually.
18  step manually.  
19    You need at least Windows 98/2K/XP, but Windows XP or better is recommend. The program also works
20  You need at least Windows 98/2K/XP, but Windows XP or better is  on NT/95/ME but there is no support for these OS versions any longer. Mainly because the OS
21  recommend. The program also works on NT/95/ME but there is no support  vendor also dropped support and no bug fixes will be provided any longer.
22  for these OS versions any longer.  And it is very likely that the program does not work optimal on such platforms.
23    
24  @section A short Introduction  @section A short Introduction
25    
26  WinPT is a graphical GnuPG front-end which resides in the task bar.  WinPT is a graphical GnuPG front-end which resides in the task bar. It is divided into several,
27  It is divided into several, so-called, managers. There is a manager  so-called, managers. There is a manager for the key(ring), for files and for smart cards.
28  for the keyring, for files and for smart cards. The aim of the program  The aim of the program is to secure email communication and to perform file encryption and
29  is to secure email communication and to perform file encryption.  to allow an easy and user friendly way for key management.
30    
31  @subsection What is GnuPG  @subsection What is GnuPG
32  GnuPG is a tool for secure communication and data storage.  GnuPG is a tool for secure communication and data storage. It can be used to encrypt data and
33  It can be used to encrypt data and to create digital signatures.  to create digital signatures. It includes an advanced key management facility and is compliant
 It includes an advanced key management facility and is compliant  
34  with the proposed Internet standard as described in RFC2440.  with the proposed Internet standard as described in RFC2440.
35    
36  @subsection The Web of Trust  @subsection The Web of Trust
37  For a detailled description of these and other GnuPG topics, I  For a detailled description of these and other GnuPG topics, I recommend the available literature
38  recommend the available literature at http://www.gnupg.org. But  at http://www.gnupg.org. But at least a general overview should be given here.
39  at least a general overview should be given here.  
40    The certification scheme of OpenPGP does not base on a hirachical approach. Instead it uses
41  The certification scheme of OpenPGP does not base on a hirachical  a combination of ownertrust and direct key certification.
42  approach. Instead it uses a combination of ownertrust and direct  Here is an example with the imaginary persons called Alice, Bob, Carol and Dave.
43  key certification. Here is an example with Alice, Bob, Carol and Dave.  
44    Alice knows Bob and checked the fingerprint of Bob's key when he met him personally.
45  Alice knows Bob and checked the fingerprint of Bob's key when he  Thus she knows that the key really belongs to its owner and he trusts Bob to certify other keys.
46  met him personally. Thus she knows that the key really belongs to  Then she issued a signature on Bob's key. Bob knows Carol and also checked her identity.
47  its owner and he trusts Bob to certify other keys. Then she issued  Then he signed her key. Alice does not know Carol, but he knows Bob and Bob trusts Carol.
48  a signature on Bob's key. Bob knows Carol and also checked her identity.  And because Alice trusts Bob, at a level she decided before, he also trusts Carol.
49  Then he signed her key. Alice does not know Carol, but he knows Bob  It's a transitiv relation. Dave is isolated and does not know anybody for the mentioned reasons,
50  and Bob trusts Carol. And because Alice trusts Bob, at a level she  thus he is not in the WoT. Another very important point is, that the signer can decide, after the
51  decided before, he also trusts Carol. It's a transitiv relation.  certification, how much he trusts the key owner to certify other keys.
52  Dave is isolated and does not know anybody from the mentioned persons,  
53  thus he is not in the WoT.  It is very important to check the identify of a key owner. Mostly this is done by comparing the
54  Another very important point is, that the signer can decide,  fingerprint, which were submitted by phone or written down at a personal meeting, with the
55  after the certification, how much he trusts the key owner to  fingerprint of the key in the keyring. Please bear in mind that anybody can create a key with an
56  certify other keys.  email address and a specific name.
57    Thus it is not recommend to sign keys without doing this check before!
58  It is very important to check the identify of a key owner. Mostly  
59  this is done by comparing the fingerprint, which were submitted  The fingerprint of the key is hexadecial (160-bit) sequence divided into 10 groups of 4 hex
60  by phone or written down at a personal meeting, with the fingerprint  digits. You can get the fingerprint of a key by opening the key property dialog. There you can
61  of the key in the keyring. Please bear in mind that anybody can create  mark the fingerprint and copy it to the clipboard. The fingerprint of a key can be compared
62  a key with an email address and a specific name. Thus it is not  to human fingerprints, it is unique for each key.
 recommend to sign keys without doing this check before!  
   
 The fingerprint of the key is hexadecial (160-bit) sequence divided  
 into 10 groups of 4 hex digits. You can get the fingerprint of a key  
 by opening the key property dialog. There you can mark the fingerprint  
 and copy it to the clipboard.  
63    
64  Example: 1D75 8108 5BC9 D9FB E78B  2078 ED46 81C9 BF3D F9B4  Example: 1D75 8108 5BC9 D9FB E78B  2078 ED46 81C9 BF3D F9B4
65    
# Line 78  For example via a business card or your Line 68  For example via a business card or your
68    
69  @section Installation of the Program  @section Installation of the Program
70    
71  It is always recommend to use the latest version of the program. You  It is always recommend to use the latest version of the program. You can download it from
72  can download it from http://wald.intevation.org/projects/winpt.  http://wald.intevation.org/projects/winpt. Download the zip file with the binaries inside and
73  Download the zip file with the binaries inside and unpack them in  unpack them in a folder. All files need to be in the same folder, so if you change the folder do
74  a folder. All files need to be in the same folder, so if you change  not forget to move all files.
75  the folder don't forget to move all files.  You should also download and verify the signature of the packet to make sure that the release is
76  You should also download and verify the signature of the packet to  really authentic and were not altered in any way.
77  make sure that the release is really authentic.  
78    To activate the program you just need to start WinPT.exe. You should now see a
79  To activate the program you just need to start WinPT.exe. You should  little (golden key) icon in the taskbar which indicates that the program is running.
80  now see a little (golden key) icon in the taskbar which indicates that  If you want to quit the program, right click on the symbol and select "Exit".
81  the program is running. If you want to quit the program, right click  
82  on the symbol and select "Exit".  Alternative, you may use one of the graphical GPG installers which are available on the internet.
83    I recommend to use Gpg4Win which includes a set of very useful privacy tools, beside WinPT and it
84  Alternative, you may use one of the graphical GPG installers which  is very easy to use with an average size (~4MB). For non-German speaking users, I recommend the
85  are available on the internet. I recommend to use Gpg4Win which  light version because it does not contain the 2 German PDF manuals.
86  includes a set of very useful privacy tools, beside WinPT and it  
87  is very easy to use with an average size (~4MB). For non-German  @subsection Configure the Program
88  speaking users, I recommend the light version because it does not  After the installation not much of the default settings need to be changed. If you prefer a
89  contain the 2 German PDF manuals.  special keyserver, it is propably a good idea to open the keyserver dialog and to set one of the
90    existing keyservers as the default or create a new entry and mark it as the new default.
91    The default keyserver is subkeys.pgp.net, which is the best choice for most users.
92    
93    @subsection The GPG Preference Dialog
94    In this dialog you can change your GPG config and customize its behaviour. Please be advised that
95    in most cases there is no need to overwrite the default GPG path settings.
96    There are three different paths available. First, the GPG home directory. The place where the
97    keyrings are stored and also the config files. The second path points directly to the gpg.exe.
98    The third is the path to the language files,
99    where you usually store your winpt.mo/gpg.mo files. These entries should be only changed when
100    really need and extra caution is needed because with wrong settings, WinPT will not be able to
101    work any longer!
102    
103    The second part of the dialog is the "General GPG options" section. Here you can influence the
104    behaviour of some commands. If you do not know what they mean, it is safe not to change the
105    values and stick with the default ones.
106    For expert users, it is possible to set the signature class of issued key signatures and to set
107    an expiration date for key signatures or to specify an comment in armor files.
108    The "Encrypt to this key" might be useful for anybody who needs to decrypt mails or any data he
109    sent to a recipient. The field value should contain the key ID of the default key pair.
110    
111    @subsection Preferences
112    In the WinPT preference dialog, the user can modify and/or disable the default options. For new
113    users it is suggested to leave the default values as they are, except when there are problems
114    related to the hotkeys.
115    
116    To enable keyring backups, the user can either decide to use the GPG home directory as the backup
117    folder or any other folder. In the latter case, a folder needs to be chosen.
118    The program makes the backup before it terminates and thus it is very important that the keyrings
119    are stil accessable at this moment. For example if you use an USB flash drive to store your keyrings,
120    you should unplug it after the the icon disappeared at the task bar.
121    By default the secret keyring will not be backuped, if you wish that the secret keyring should be
122    also backuped, and this usually means the backup folder cannot be accessed by other people, you need
123    to mark "Backup includes secret keyring".
124    
125  @subsection Getting the Source of the Program  @subsection Getting the Source of the Program
126  As free software, according to the GNU General Public License,  As free software, according to the GNU General Public License, WinPT also offers the source code
127  WinPT also offers the source code for the program. It can be used  for the program. It can be used for reviews, to compile your own binary and/or to modify and/or
128  for reviews, to compile your own binary and/or to modify and/or  redistribute it or just to learn how it works. The source is available at the same place you
129  redistribute it or just to learn how it works. The source is available  downloaded the binary. If not, you should contact the author of the site.
130  at the same place you downloaded the binary. If not, you should  The entire program can be build with free software; the default environment is a cross-compiler
131  contact the author of the site.  hosted on a Linux box. All you need is the mingw32 packages, a working autoconf environment
 The entire program can be build with free software; the default  
 environment is a cross-compiler hosted on a Linux box. All you  
 need is the mingw32 packages, a working autoconf environment  
132  and the libs WinPT depends on (currently gpgme and libgpg-error).  and the libs WinPT depends on (currently gpgme and libgpg-error).
133  It is also possible to build the binary with cygwin/mingw32 on  It is also possible to build the binary with cygwin/mingw32 on Windows but this environment is
134  Windows but this environment is not actively supported and propably  not actively supported and propably needs adjustment of the source.
 needs adjustment of the source.  
135    
 @subsection Configure the Program  
 After the installation not much of the default settings need to  
 be changed. If you prefer a special keyserver, it is propably a good  
 idea to open the keyserver dialog and to set one of the existing  
 keyservers as the default or create a new entry and mark it as the  
 new default. The default keyserver is subkeys.pgp.net, which is  
 the best choice for most users.  
   
 @subsection GPG Options  
 For expert users, the GPG preference dialog might contain some  
 interesting options. For example to set the expiration date of  
 a signature and/or to set the signing level for key signing.  
 It also allows to set a default 'encrypt-to' key and to set  
 the comment in ASCII armored files.  
136    
137  @subsection Preferences  @section Native Language Support
 In the WinPT preference dialog, the user can modify and/or disable  
 the default options. For new users it is suggested to leave the  
 default values as they are, except when there are problems related  
 to the hotkeys.  
   
 To enable keyring backups, the user can either decide to use the  
 GPG home directory as the backup folder or any other folder. In  
 the latter case, a folder needs to be chosen.  
138    
139    The program has the ability to select different languages to provide dialogs and error messages
140    in the native language of the user. Currently German, Japanese, Portuguese (Brazil) and Slovak.
141    When WinPT has been installed via a graphical installer, for example Gpg4Win, the language was
142    automatically selected based on the locale Windows environment. If the stand-alone binary was
143    downloaded, WinPT offers at the first start to select a language, based on the .mo file it
144    founded in the current directory.
145    Otherwise the user needs to perform the following steps. The WinPT ZIP archive contains various
146    .mo files (de.mo, jp.mo, sk.mo) and the user needs to find his native language, if available and
147    rename the file to "winpt.mo". For example, if the user prefers German, "de.mo" -> "winpt.mo".
148    Now the user needs to save the locale dir, where the winpt.mo is stored, in the GPG preference dialog.
149    
150  @section The First Start  @section The First Start
151    
152  This section is only important for people who never installed  This section is only important for people who never installed and/or used WinPT before and thus
153  and/or used WinPT before.  no keyrings are available.
154    
155  When the program is started the first time, it offers two choices.  When the program is started the first time, it offers two choices. The one is to generate a key
156  The one is to generate a key pair and the other is to copy  pair and the other is to copy existing GPG keyrings into the current installation.
 existing GPG keyrings into the current installation.  
157    
158  We assume the user will select the first entry.  We assume the user will select the first entry.
159    
160  Now a new dialog is shown which requests some information from  Now a new dialog is shown which requests some information from the user to allow a meaningful
161  the user to allow a meaningful association between the key and  association between the key and the user. If the user prefer RSA keys, the check box should be
162  the user. If the user prefer RSA keys, the check box should be marked.  marked.
163  If the entered data is OK, WinPT then generates a new key pair. As long  But this is a decision of personal taste and does not influence the security or anything else.
164  as this step takes, a progress dialog is shown to indicate the  If the entered data is OK, WinPT then generates a new key pair. As long as this step takes, a
165  enduring process. When the generation of the keypair is done, WinPT  progress dialog is shown to indicate the enduring process. When the generation of the keypair is
166  offers the chance to backup the existing keyrings. This is definitely  done, WinPT offers the chance to backup the existing keyrings.
167  an important decision because if the keyring will get corrupted  This is definitely an important decision because if the keyring will get corrupted or lost, there
168  or lost, there is no way to recover the encrypted data. That is  is no way to recover the encrypted data. That is why it is also important to store the backup, at
169  why it is also important to store the backup, at least of the  least of the secret keyring, at a @strong{safe} place.
170  secret keyring, at a @strong{safe} place.  
171    @subsection Use existing Keyrings and/or Keys
172    If you already have a valid OpenPGP key pair and you do not want to generate a new key pair, you
173    should select the second choice at the first start. Then the program will copy your existing keyrings
174    to the new home directory. Please bear in mind that you need to set the ownertrust manually for each
175    imported key. You can skip this step if you exported the ownertrust manually to a file, but because
176    this is a step for experienced users it is not described here. The most important step is, to set
177    your own key to ultimate ownertrust after import.
178    
179    If you have other OpenPGP programs and you wish to use the keys from this application, it is a good
180    idea to select all keys you want to use and to export them into a single file. Then open the WinPT
181    Key Manager and drag the file into the Key Manager window.
182    
183    @section The Passphrase for the Secret Key
184    
185    First a short explaination what passphrase is. A passphrase is like a password but usually
186    longer, maybe a sentence, which can consists of any 7-bit ASCII characters. It is used to protect
187    your secret key and thus it is very import to chose a secure passphrase. If your computer, and
188    thus the secret key, were stolen and an attacker can guess your passphrase he is able to decrypt
189    all your data and to create signatures in your name! A good passphrase is difficult to guess but
190    easy to remember and should be at least 10 characters long.
191    An easy way to generate a strong passphrase is to use a sentence only you know but you can easily
192    remind and then take the first letter of each word, plus some special characters and maybe even
193    some intentionally made spelling mistakes.
194    
195    Example: Row - row - row your boat, gently down the stream
196    Passphrase: "R - r - ryb,gdts"
197    
198    Never write down your passphrase or share it among other people!
199    
200  @section Keyserver Access  @section Keyserver Access
201    
202  An easy way to retrieve keys is the keyserver. You can think of  An easy way to retrieve keys is the keyserver. You can think of it like a huge database with a
203  it like a huge database with a lot of keys as its content. It is  lot of keys as its content. It is possible to search keys by a pattern, a keyid or even a
204  possible to search keys by a pattern, a keyid or even a fingerprint.  fingerprint.
205  WinPT allows to access different kind of keyservers. For example  WinPT allows to access different kind of keyservers. For example LDAP, HKP, Finger and HTTP.
206  LDAP, HKP, Finger and HTTP. But the focus will be set on HKP because  But the focus will be set on HKP because this is the common case.
207  this is the common case.  
208    In some situations WinPT asks the user whether to retrieve keys automatically. One example is the
209  In some situations WinPT asks the user whether to retrieve keys  signature verification when the key that issued the signature was not found in the keyring.
 automatically. One example is the signature verification when the  
 key that issued the signature was not found in the keyring.  
210    
211  The main keyserver dialog allows to fetch one or more keys directly  The main keyserver dialog allows to fetch one or more keys directly or to search for a given pattern.
 or to search for a given pattern.  
212    
213  @subsection Retrieve a key by Key ID  @subsection Retrieve a key by Key ID
214  The best way to fetch a key from the server is by the key ID.  The best way to fetch a key from the server is by the key ID.
215  Just enter the key ID, it is always a good idea to prefix it  Just enter the key ID, it is a good idea to prefix it with 0x, and click the "Receive" button.
 with 0x and click the "Receive" button.  
216    
217  An example:  An example:
218    
# Line 191  pattern: 0xBF3DF9B4 Line 222  pattern: 0xBF3DF9B4
222    
223    
224  @subsection Retrieve a key by its email address  @subsection Retrieve a key by its email address
225  If you only know the email address from your partner, you can  If you only know the email address from your partner, you can enter it instead of the key ID.
226  enter it instead of the key ID. It is unlikely but possible  It is unlikely but possible that there are more keys with the same address. In this situation,
227  that there are more keys with the same address. In this situation,  WinPT will warn you that multiple keys were imported. The difference to the search function is,
228  WinPT will warn you that multiple keys were imported. The difference  that the keys were dirctly fetched and not displayed as a key result list.
 to the search function is, that the keys were dirctly fetched and  
 not displayed as a key result list.  
229    
230    
231  An example:  An example:
# Line 207  gmx.net Line 236  gmx.net
236    
237    
238  @subsection Search for a key by pattern  @subsection Search for a key by pattern
239  If you want to communicate with a new mail partner and you are  If you want to communicate with a new mail partner and you are not sure about the key ID, it can
240  not sure about the key ID, it can be useful to search for his  be useful to search for his email address. This address is considered as quite unique.
241  email address. This address is considered as quite unique.  Not all keyserver support this query mode, so if you get an error please use subkeys.pgp.net.
242    
243  An example:  An example:
244    
# Line 217  windows-privacy-tray.com Line 246  windows-privacy-tray.com
246    
247  [Search]  [Search]
248    
249  Now a dialog is opened with a list of all keys which matched  Now a dialog is opened with a list of all keys which matched the search string. If the name
250  the search string. If the name @strong{and} the email address  @strong{and} the email address is known, the matching key should be selected and "Receive"
251  is known, the matching key should be selected and "Receive"  should be clicked. Then the key will be downloaded and added to your keyring. Now you can encrypt
252  should be clicked. Then the key will be downloaded and added  data with this key, for example an email.
253  to your keyring. Now you can encrypt data with this key, for  
 example an email.  
254    
255  @subsection Sending a Key to the Keyserver  @subsection Sending a Key to the Keyserver
256  After you generated a new key pair, it is a good idea to send your  After you generated a new key pair, it is a good idea to send your key to the keyserver to make
257  key to the keyserver to make it available for other users. If you  it available for other users. If you issue a signature, the key ID is part of the signature and
258  issue a signature, the key ID is part of the signature and people can  people can  automatically retrieve your key when they try to verify the signature.
259  automatically retrieve your key when they try to verify the signature.  
260    Actually, the action is performed in the Key Manager and not in the keyserver dialog. Just open
261  Actually, the action is performed in the Key Manager and not in the  the Key Manager, select the key you want to send right-click on it and chose "Send to Keyserver"
262  keyserver dialog. Just open the Key Manager, select the key you want  in the popup menu. Then a message box with the result is shown.
 to send right-click on it and chose "Send to Keyserver" in the popup  
 menu. Then a message box with the result is shown.  
263    
264  @subsection Add, Delete or Edit a Keyserver Entry  @subsection Add, Delete or Edit a Keyserver Entry
265  The keyserver dialog allow to change the existing keyserver entries,  The keyserver dialog allow to change the existing keyserver entries, to delete them or to add new
266  to delete them or to add new entries. Just right click on a selected  entries. Just right click on a selected item and a popup menu will be
267  item and a popup menu will be shown with ("Edit", "Remove" and "New").  shown with ("Edit", "Remove" and "New").
268    
269  @section Using the Clipboard  @section Using the Clipboard
270    
271  A major aim from the first day was, that the program does not  A major aim from the first day was, that the program does not depend on a special mailer client.
272  depend on a special mailer client. For this reason it uses the  For this reason it uses the clipboard to encrypt and/or sign data.
273  clipboard to encrypt and/or sign data.  For the examples, let's assume that you want to write a new mail or that you received a mail
274  For the examples, let's assume that you want to write a new  protected by GnuPG.
275  mail or that you received a mail protected by GnuPG.  
276    @subsection The Clipboard Editor
277    This dialog allows it to modify the clipboard contents directly and/or to display the contents of
278    the clipboard. It is also possible to load a text file into the clipboard or store the contents
279    into a file. For the convenience, the dialog also allows to encrypt and/or decrypt clipboard data.
280    
281  @subsection Encrypt Data in the Clipboard  @subsection Encrypt Data in the Clipboard
282  Just copy the text from the mailer window into the clipboard.  Just copy the text from the mailer window into the clipboard. This is usually done by CTRL+C,
283  This is usually done by CTRL+C, make sure you really selected  make sure you really selected all portions of the text. Then right-click on the tray icon and
284  all portions of the text. Then right-click on the tray icon  select Clipboard->Encryption. Now a dialog is shown to select the recipients. This means you need
285  and select Clipboard->Encryption. Now a dialog is shown to  to select all keys which should be able to decrypt the mail. Confirm with "OK". GnuPG now
286  select the recipients. This means you need to select all  encrypts the data with the selected recipients. At the end a message box with the result is
287  keys which should be able to decrypt the mail. Confirm with "OK".  shown. Now the clipboard should  contain the encrypted data. Just paste it into the mailer window.
288  GnuPG now encrypts the data with the selected recipients. At the  The output should contain a header and a footer "BEGIN PGP MESSAGE" and "END PGP MESSAGE.
 end a message box with the result is shown. Now the clipboard should  
 contain the encrypted data. Just paste it into the mailer window.  
 The output should contain a header and a footer  
 "BEGIN PGP MESSAGE" and "END PGP MESSAGE.  
289    
290  @subsection Decrypt/Verify Data from the Clipboard  @subsection Decrypt/Verify Data from the Clipboard
291    The most common case is propably that you got a signed email and now you want to verify it. For
292    this procedure, you have to copy the entire signature in the clipboard. The easiest way is to
293    use CTRL+A and CTRL+C, then all available text will be copied. WinPT (GnuPG) is smart enough to
294    figure out the signature related data. Now go to the taskbar, display the popup menu and select
295    Clipboard->Decrypt/Verify. Now a new dialog, the verify dialog, should be available on screen
296    with all information about the signature. For example who is the signer, when was it signed how
297    much do you try this key and what was signed and most important, the status of it (is the
298    signature good or BAD).
299    A special case is when you don't have the public key to verify the signature, if this happens
300    WinPT offers to download the key from the default keyserver. If the key was not found, the
301    procedure is aborted because without the key the sig cannot bed checked.
302    
303  @subsection Sign the Clipboard  @subsection Sign the Clipboard
304    We assume that text that shall be signed is already in the clipboard. If not, select the text you
305    want to sign and copy with via CTRL+C in the clipboard. Now go to the taskbar and open the peopup
306    menu, Clipboard->Sign. If you just have one secret key, the passphrase dialog will be automatically shown.
307    All you need is to enter your passphrase and confirm. In case of more available secret keys, a
308    list with all keys is shown and you can select which key shall be used for signing.
309    The output is always a cleartext signature which is in text format. Do not try to sign binary
310    clipboard data, the result would be unpredictable and not readable by human beings.
311    
312    @section The Current Window Support
313    Compared to the clipboard mode, the CWS mode has some advantages. Let us assume that you want to
314    extract text from an editor window. With the CWS mode, the program automatically tries to focus
315    the window to select the text and to copy it to the clipboard and execute the
316    selected command (Sign, Encrypt, Decrypt) and pastes back the GPG data to the window.
317    No manual user interaction is needed. Except this different behaviour, it is very likewise to the
318    clipboard mode and thus we do not describe each command again.
319    
320    But due to the nature of this mode, it is possible that some kind of windows are not supported.
321    Which means that the program cannot extract the text from the window. There is nothing we can do
322    about it, because it depends on the application itself how it reacts on certain Window messages.
323    But all windows which support the default copy/paste/select all commands should make no problems.
324    
325  @section The Key Manager  @section The Key Manager
326    
327  This part of the program is propably most important for many users.  This part of the program is propably most important for many users. It contains function to
328  It contains function to manage your keyring and to perform actions  manage your keyring and to perform actions which are required and/or useful in the OpenPGP environment.
 which are required and/or useful in the OpenPGP environment.  
329    
330  @subsection Tips  @subsection Tips
331    
332  @itemize @bullet  @itemize @bullet
333    
334  @item  @item
335  If you want to import quickly a key from a into the keyring, just  If you want to start the Key Manager directly, you can create a batch
336  drag and drop the file into the Key Manager window. Then the import  file with "winpt.exe --keymanager". This way you do not have to go to
337  procedure will be automatically started.  the task bar enable the icon and click on the Key Manager entry in the menu.
338    
339    @item
340    If you want to import quickly a key from a into the keyring, just drag and drop the file into the
341    Key Manager window. Then the import procedure will be automatically started.
342    
343  @item  @item
344  Key which were fetched from keyservers often contain a lot of,  Key which were fetched from keyservers often contain a lot of, maybe obsolete, self signatures,
345  maybe obsolete, self signatures, if you want to get rid of them  if you want to get rid of them you can use the Key Edit->Clean feature. Just start the edit
 you can use the Key Edit->Clean feature. Just start the edit  
346  dialog and select the clean command. That's it.  dialog and select the clean command. That's it.
347    
348  @item  @item
349  The keyserver dialog does not allow to import a key directly  The keyserver dialog does not allow to import a key directly via an URL, as an alternative you
350  via an URL, as an alternative you may use the "Import HTTP..."  may use the "Import HTTP..." feature in the Key Manager. With it you can directly fetch keys
 feature in the Key Manager. With it you can directly fetch keys  
351  from the web (Example: http://www.users.my-isp.de/~joe/gpg-keys.asc).  from the web (Example: http://www.users.my-isp.de/~joe/gpg-keys.asc).
352    
353  @item  @item
354  To customize the parameters of the generated key, you can use  To customize the parameters of the generated key, you can use the expert key generation.
355  the expert key generation. It allows you to set the public key  It allows you to set the public key algorithm and/or the size of the key directly.
 algorithm and/or the size of the key directly.  
356    
357  @item  @item
358  Most of the list view based dialogs allow to use the right  Most of the list view based dialogs allow to use the right mouse button, to show popup menus with
359  mouse button, to show popup menus with available commands.  available commands.
360    
361  @end itemize  @end itemize
362    
363  @subsection Create a Revocation Certificate  @subsection Create a Revocation Certificate
364    It is very important to do this step early as possible. With this certificate, you can revoke
365  It is very important to do this step early as possible. With this  your entire key. The reason for this can be for example, that your key is no longer used or even
366  certificate, you can revoke your entire key. The reason for this  compromised.
367  can be for example, that your key is no longer used or even compromised.  After you generated the revocation cert, you should move it to a secure place because anybody who
368  After you generated the revoc cert, you should move it to a secure place  gets access to it, can render your key unuseable.
369  because anybody who gets access to it, can render your key unuseable.  
370    Just right-click on your key and select "Revoke Cert". If you do this step directly after key
371  Just right-click on your key and select "Revoke Cert". If you do this  generation, there is no need to change the default values. Just select a file name and enter the
372  step directly after key generation, there is no need to change the  passphrase. The program issues a warning which should be read carefully.
 default values. Just select a file name and enter the passphrase.  
 The program issues a warning which should be read carefully.  
373    
374  @subsection Adding a new Secondary Key  @subsection Adding a new Secondary Key
375    For most users the existing keys in the key pair are enough and no extra key is needed. But there
376  For most users the existing keys in the key pair are enough  are some exceptions.
 and no extra key is needed. But there are some exceptions.  
377    
378  @itemize @bullet  @itemize @bullet
379    
380  @item  @item
381  The primary key has no secondary key and the primary key is not  The primary key has no secondary key and the primary key is not able to encrypt data. In this
382  able to encrypt data. In this case it can be a good idea to  case it can be a good idea to add a secondary encryption key.
 add a secondary encryption key.  
383    
384  @item  @item
385  A lot of people use secondary encryption keys with an expiration  A lot of people use secondary encryption keys with an expiration date. Usually the key is valid
386  date. Usually the key is valid for 1-2 years. After the key is expired,  for 1-2 years. After the key is expired, a new key is needed in order to encrypt data.
 a new key is needed in order to encrypt data.  
387    
388  @end itemize  @end itemize
389    
390  What kind of public key algorithm should be selected is a matter  What kind of public key algorithm should be selected is a matter of taste. RSA and ElGamal are
391  of taste. RSA and ElGamal are both capable for encryption. For most  both capable for encryption. For most users it's a good idea to let the program chose the key
392  users it's a good idea to let the program chose the key size (in bits).  size (in bits). The default settings should be secure enough for most purposes.
 The default settings should be secure enough for most purposes.  
393    
394  @subsection Adding a new User ID  @subsection Adding a new User ID
395  If you got a new email account, it's propably a good idea to  If you got a new email account, it's propably a good idea to add these new account to your key
396  add these new account to your key also. For example:  also. For example:
397    
398  A new account was registed at gmail.com (john.doo@@gmail.com).  A new account was registed at gmail.com (john.doo@@gmail.com).
399  Then you should create a new user ID with the following fields:  Then you should create a new user ID with the following fields:
400    
401  name: John Doo  name: John Doo
# Line 353  gmail.com Line 404  gmail.com
404    
405  comment: (optional)  comment: (optional)
406    
407  Now email programs are able to associate this address with your  Now email programs are able to associate this address with your key when somebody wants to send
408  key when somebody wants to send you a protected mail to this account.  you a protected mail to this account.
409    
410  @subsection Adding a new Photographic ID  @subsection Adding a new Photographic ID
411  With this function you can add a photo to your public. It will be  With this function you can add a photo to your public. It will be displayed in the key property
412  displayed in the key property dialog.  dialog.
413    
414  You just need to select a JPEG file which contains the photo and  You just need to select a JPEG file which contains the photo and enter your passphrase and
415  enter your passphrase and confirm with OK. Please read the note  confirm with OK. Please read the note in the dialog carefully to make sure the photo has a proper
416  in the dialog carefully to make sure the photo has a proper size  size (file, height and weight).
 (file, height and weight).  
417    
418  @subsection Adding a new Designated Revoker  @subsection Adding a new Designated Revoker
419  If you want to allow another key to revoke your own key, this  If you want to allow another key to revoke your own key, this might be useful if you lost your
420  might be useful if you lost your secret or a simliar situation,  secret or a simliar situation, you can use this function to add a designated revoker to your key.
421  you can use this function to add a designated revoker to your key.  
422    All you need to do is to select the key you want to add as a desig revoker. But please bear in
423  All you need to do is to select the key you want to add as a desig  mind that this procedure cannot be undone and that this person really has the power to make your
424  revoker. But please bear in mind that this procedure cannot be undone  public key unuseable. You really should trust the selected key, in case it is not a key owned by yourself.
 and that this person really has the power to make your public key  
 unuseable. You really should trust the selected key, in case it is  
 not a key owned by yourself.  
425    
426  @subsection Export a Public Key  @subsection Export a Public Key
427  There are several reason why to export a public key and there  There are several reason why to export a public key and there are also several ways to do it. If
428  are also several ways to do it. If you want to send the key  you want to send the key directly to a mail recipient, you can select the key, right-click,
429  directly to a mail recipient, you can select the key, right-click,  and select "Send Key to Mail Recipient". As an alternative, you can also export it to the
430  and select "Send Key to Mail Recipient". As an alternative, you  clipboard or to a file. To export a key to the clipboard, you can select "Copy key to Clipboard"
431  can also export it to the clipboard or to a file. To export a  in the popup menu of the selected key. To export it to a file, you need to select the menu "Key"
432  key to the clipboard, you can select "Copy key to Clipboard"  and then "Export...". The program will automatically suggest a name for the output.
433  in the popup menu of the selected key. To export it to a file,  
434  you need to select the menu "Key" and then "Export...". The  @subsection Export your Secret Key
435  program will automatically suggest a name for the output.  This command should be used with caution because it exports your secret key. Please bear in mind
436    that you should never export your key to a place where it can be accessed by others.
437    An USB stick or a likewise mobile storage device should be used for the export.
438    
439  @subsection Import a Public Key  @subsection Import a Public Key
440  Similar to the key import, the import of a key can be done in  Similar to the key import, the import of a key can be done in several ways. First, let's assume
441  several ways. First, let's assume you got a mail with an OpenPGP  you got a mail with an OpenPGP key included as inline text. Then you can use the current window
442  key included as inline text. Then you can use the current window  feature and "Decrypt/Verify" to import the key. Alternative you also may use the clipboard.
443  feature and "Decrypt/Verify" to import the key. Alternative you  To achieve this, you first need to select the entire key (CTRL+A) and then copy it to the
444  also may use the clipboard. To achieve this, you first need to  clipboard (CTRL+C), then use the Key Manager (Edit->Paste) to import it. If the key is stored as
445  select the entire key (CTRL+A) and then copy it to the clipboard  an attachment, or you want to import a key from a file in general, just drag the file and drop it
 (CTRL+C), then use the Key Manager (Edit->Paste) to import it.  
 If the key is stored as an attachment, or you want to import  
 a key from a file in general, just drag the file and drop it  
446  into the Key Manager window or use "Key" -> "Import...".  into the Key Manager window or use "Key" -> "Import...".
447    
448  @subsection Sign a Public Key  @subsection Sign a Public Key
449  If you verified that a key really belongs to its owner, you  If you verified that a key really belongs to its owner, you should sign the key to integrate it
450  should sign the key to integrate it into your Web of Trust  into your Web of Trust and also to mark the key as valid in your keyring. Do not sign a key you
451  and also to mark the key as valid in your keyring. Do not sign  just got via email with the request to sign it. Anybody can create a key with your (or better ANY) name,
452  a key you just got via email with the request to sign it. Anybody  these information are no hint to whom the key really belongs. You can check a key
453  can create a key with your (or better ANY) name, these information  by meeting or calling the key owner and verify the key fingerprint of the key with the one
454  are no hint to whom the key really belongs. You can check a key  published by the key owner. Additional checks should be to watch at his driver license or the
455  by meeting or calling the key owner and verify the key fingerprint  identity card to make sure that name of the key matches the name of the key owner. After this
456  of the key with the one published by the key owner. Additional checks  procedure is done, you can open the Key Manager, select the right key and either use the context
457  should be to watch at his driver license or the identity card to make  menu "Sign Key" or use the toolbar button.
458  sure that name of the key matches the name of the key owner. After  
459  this procedure is done, you can open the Key Manager, select the  The next dialog will summarize the key information and some additional options. For example if
460  right key and either use the context menu "Sign Key" or use the  the signature should be local or exportable. Local means the signature will be stripped if you
461  toolbar button.  export the key and no one else except you can use it to calculate the validity. If you mark the
462    signature exportable, any other user can see and use it. Now you can select the key you want to
463  The next dialog will summarize the key information and some  use to sign and enter the passphrase. Confirm with "OK" and the key will be signed.  Now the validity
464  additional options. For example if the signature should be  of the new key is "Full". It is propably a good idea to set the ownertrust of the key.
465  local or exportable. Local means the signature will be stripped  For a detailled description, see the chapter "Key Ownertrust".
 if you export the key and no one else except you can use it to  
 calculate the validity. If you mark the signature exportable,  
 any other user can see and use it. Now you can select the key  
 you want to use to sign and enter the passphrase. Confirm with "OK"  
 and the key will be signed. Now the validity of the new key is  
 "Full". It is propably a good idea to set the ownertrust of the  
 key. For a detailled description, see the chapter "Key Ownertrust".  
466    
467  @subsection Key Ownertrust  @subsection Key Ownertrust
468  First we should explain what the ownertrust of a key is. The ownertrust  First we should explain what the ownertrust of a key is. The ownertrust is a measurement how much
469  is a measurement how much you trust somebody to certify and check keys  you trust somebody to certify and check keys of other people. For example, if you know that Bob
470  of other people. For example, if you know that Bob is really the owner  is really the owner of the key, you should sign it. But he is also known to sign other keys
471  of the key, you should sign it. But he is also known to sign other keys  without checking the idenity of the other key owner. Values for the ownertrust are
472  without checking the idenity of the other key owner. Values for the  1) Don't Know 2) Don't Trust 3) Marginal 4) Full
473  ownertrust are 1) Don't Know 2) Don't Trust 3) Marginal 4) Full  and thus you should propably use an ownertrust value like "Marginal". But this is a personal
474  and thus you should propably use an ownertrust value like "Marginal".  decision and stored in a separate file and never exported with the public keys. For further
475  But this is a personal decision and stored in a separate file and  information, please take a look into the GNU Privacy Handbook.
476  never exported with the public keys. For further information, please  Just a last work on Key Pairs, they are automatically marked as "Ultimate" because the key
477  take a look into the GNU Privacy Handbook.  belongs to you and you trust it implicit.
478  Just a last work on Key Pairs, they are automatically marked as  
479  "Ultimate" because the key belongs to you and you trust it implicit.  @subsection List Signatures
480    This dialog contains a list of all signatures of the selected key. The basic dialog, the tree
481    based version, just shows signatures when the issuer key is in the public keyring. A double click
482    opens the signature property dialog which contains detailled description about the selected
483    signature. A dialog which is useful for people who wants to get all information about the key
484    signatures, can click on the "Edit.." button.
485    
486    @subsection Copy Key Information to the Clipboard
487    Often it is useful to copy parts of the user ID to the clipboard. One example is that you want to
488    send an email to the key owner or that you want to search the key by the email address or you
489    want to copy the fingerprint to the clipboard to paste it somewhere else.
490    This command is available in the popup menu (right click).
491    
492    @subsection Delete one or more Keys
493    To delete a key, or more than one key, you just need to select the keys in the Key Manager and
494    either select "Delete" or use the toolbar button.
495    Be careful if you delete a key pair, because you will not be able to decrypt and/or sign data any
496    longer. In any case you should have a backup of your key pair at a safe place.
497    
498    @subsection Re-verify Signatures
499    After you refreshed or imported a lot of new keys, either from a file or the keyserver, it is a
500    good idea to re-verify the signature in the keyring. This speeds up listing operations.
501    
502    @subsection Refresh one or more Public Keys from the Keyserver
503    From time to time it can be useful to refresh keys from the keyring. The reason for this is,
504    that the key might contain new subkeys, user IDs and or new signatures. It is also possible
505    that the expiration date of a key has been updated or other preferences were changed. And
506    maybe even the worst case, that a key has been compromised and is now revoked.
507    If you want to update a single key, select it and right click on it. Then select the item
508    "Refresh from the Keyserver" in the popup menu. If you do not select any key, the Key Manager
509    assumes that you want to refresh all keys in the keyring. Please bear in mind that this
510    can be a lengthy process if you have a lot of keys in your keyring.
511    
512    @subsection WinPT Website
513    If you want to check for updates or general information about the Windows Privacy Tray program,
514    you can select this menu item.
515    The WWW webite of WinPT will be loaded in the default browser.
516    If you want to visit the project website directly, select the "Project Website" entry.
517    
518    @subsection The Key Edit Dialog
519    For the average GPG user, the popup menu of the Key Manager contains all command to manage your
520    keys. For example to add a key/userid/revoker/photo, just right click on the click and select the
521    command from the "Add" submenu.
522    But for advanced users, this dialog contain a lot of extra commands to customize your key.
523    
524    The main dialog contains a list of all keys in the first list view box and all user IDs in the
525    second list view box. The help button gives you a short hint about each command and what it does.
526    For example you can set the primary user ID via the "primary" command or with "deluid" you can
527    delete the selected user ID. Please always bear in mind, that most keyserver are not able to
528    remove user IDs in its database so if another user fetch your 'updated' key from the keyserver
529    the user ID might be still part of the key. If you want to make an user ID unuseable, you should
530    revoke it. This is also possible with this dialog.
531    
532    @subsection Update your Preferences in the Key Manager
533    To avoid that the user needs detour to select the taskbar icon, click on it, etc., all
534    preferences can be changed in the Key Manager via the Edit->Preferences... menu.
535    
536    @section The File Manager
537    
538    @subsection Introduction
539    The File Manager is no replacement for an Explorer Extension. If you secure your files frequently
540    and you want to do this fast and easy, I suggest to install GPGee. It is a program which
541    integrates itself into the explorer and provide menu entries in the context menu of files and
542    directory. But the File Manager can be very useful if you just want to decrypt and/or encrypt
543    some files without additional programs. You can find the File Manager via the symbol in the
544    taskbar, right click and then "File Manager".
545    
546    @subsection An Overview of the GUI
547    First there are different ways to add (open) files in the Key Manager. The easiest way is to use
548    drag and drop to add files into the File Manager. Just drag a file from the explorer and drop it
549    into the File Manager window. The second way is to use File->Open. A dialog opens which is common
550    for all "File Open" operations in most Windows application. Now you can select one or more files
551    and confirm. The files will be automatically added to the File Manager window. The main window
552    consists of a listview with three rows.
553    
554    The first row is the status of the file. It can be "ENCRYPTED", "SIGNED", "PUBKEY", "SECKEY",
555    "SIG" or "UNKNOWN". Dependent on the file status, the File Manager offers different choices.
556    For example "SIG" enables the verify options in the (popup) menu. "UNKNOWN" is the default for
557    all plaintext files.
558    The second row is the file name. And the last row is the status of the operation. It can be
559    either "", "SUCCESS" or "FAILED". An empty status means no operation was started yet. FAILED
560    indicates that the  GnuPG operation failed. In this case an error message was issued before.
561    
562    Now it follows an example:
563    We assume that user wants to encrypt "c:\My Ideas\GPG GUI.txt". Drag the file from the Explorer
564    and drop it into the open File Manager, the main window. The file will be added and recognized
565    as "UNKNOWN". Now we select the file and right click, a popup menu is shown and we select
566    "Encrypt". An new dialog is opened which looks similar to the Clipboard Encryption dialog.
567    Just select the recipients and confirm. In contrast to clipboard encryption, file encryption
568    offers some more extra options. They are described later. And hour glass will be shown as long as
569    GnuPG takes to encrypt the file. When the procedure is done, the third row should be change
570    to "SUCCESS" and the first row to "ENCRYPTED".
571    
572    @subsection Verify Detached Signatures
573    Most of the signature are detached, which means that the signature is separated from the data.
574    Usually you need to verify a detached signature when you have downloaded a software package or
575    an update of it. The steps to verify such a signature are easy. Just open the File Manager and
576    drag the detached signature in the File Manager window.
577    Now select the signature and select "Verify" either via the popup menu or the File menu.
578    In most cases you propably need to download the verification key, before you can verify the signature.
579    
580    @subsection General Options
581    Now we describe the general options which are possible in some File Manager dialogs.
582    
583    @itemize
584    
585    @item Text Output
586    When this option is checked, the output will be encoded in ASCII armor. This can be useful if the
587    file should be transfered via email. The size of the output file is larger than the usual binary
588    output.
589    
590    @item Wipe Original
591    If this option is checked, the original file will be deleted after successfull encryption.
592    This can be useful if data should not be available in plaintext any longer on a machine.
593    
594    @end itemize
595    
596    
597    @section A short Note about Cryptographic Issues
598    
599    WinPT itself does not perform any real encryption, signing or decryption. Instead it uses
600    GPG as the backend program which provides all kind of cryptographic code to perform the
601    needed operations.
602    
603    The default values WinPT uses for key sizes, should be sufficient for personal and commercial
604    security for the next years. If you are concerned about the default values, you can always use
605    the expert key generation to make your own decision. GPG also provides
606    default values for symmetric cipher preferences. By default, the AES (Advanced Encryption Standard)
607    is used which provides a very good security. You can manually modify your key preferences, this
608    includes cipher, hash, and compression but usually this is not necessary and also can do harm if
609    you use algorithms which are not very widespread among other OpenPGP programs.
610    
611    @section WinPT and Personal Firewalls
612    
613    Because the program uses a global hook to remember the last active current window, it might be
614    possible that Firewalls warn that the process contains a global hook which is a potential
615    security risk. In some cases, there might be even a warning that key logging is possible.
616    This is a false alarm because the hook provided by the program, a CTB (Computer Based Training)
617    hook, can be only used to save handles of newly created windows, or windows which are
618    activated or in case of a focus change. Details can be found in the source code of the program
619    or additional information about the CTB hook at msdn.microsoft.com
620    
621    To provide access to keyservers and to download HTTP keys, the program
622    needs to be able to make outbound connections to the following ports: 80 (http), 11371 (keyserver)
623    
624    @subsection Using a HTTP Proxy
625    If you are behind a firewall and you have no chance make a connection to a keyserver, maybe
626    because of a policy, you can use a http proxy for outbound connections. Open the Keyserver dialog
627    and click on the button "Change Proxy". A new dialog opens where you can enter the proxy specific
628    host name and ports. If the proxy requires authentication, you also have to provide your user name
629    and your password. Please bear in mind that only a base64 authentication is supported and no other
630    proxy types (SOCKS for example) can be used.
631    
632    
633    @section Reporting a Problem (Bug) or a Feature Request
634    
635    For the case that you have problems with the program, that includes crashes or or the handling,
636    please first check the forum at http://wald.intevation.org to see if someone else reported and/or
637    wrote about the issue. It is possible that the issue is already solved/answered in the forum.
638    Plus all other users can benefit of it because maybe another person has the same problem and then
639    he can check the forum and will find the answer.
640    
641    Feature requests can be submitted at the same site in a different tab (Tracker->Feature Request).
642    There is no guarantee that the request will be implemented in the next version. The reason is,
643    that other issues might be more important or that the request must be first discussed with other
644    developers. But each request will be considered.
645    
646    For the case that you found a bug, it is very important to provide much details as possible to
647    allow the developers to track down the problem and to fix it easily. Please do not forgot to be
648    precise as possible and the best idea is to provide a step-by-step text to reproduce the problem.
649    
650    @section Problem with the Program or an unexpected Behaviour
651    
652    First let me say that it is very important always to use the newest version. Each new version
653    contains bug fixes and might also fix usability issues. This is also valid for GPG, WinPT
654    checks that the minimum GPG version is available but even so it is important and often useful to
655    have the newest GPG version if this is possible.
656    
657    But sometimes the problem is not the software itself, but the software which was involved to
658    transfer the data. Here are some examples of what could happen:
659    
660    - The downloaded file could be broken (FTP ascii->binary issue) and thus WinPT is unable to
661      verify the signature. In this case you should download the file again.
662    
663    - A mailer broke the signature because the line endings were altered or the mail text was wrapped
664      after the signature was issued. There is no solution to this problem, except to use
665      a smart Mail Client.
666    
667    - A public key (file or clipboard) will not be recognized but the data should definitely contain
668      one or more keys. Sometimes line endings are messed up or white spaces were removed. In
669      this case GPG/WinPT is not able to detect when the data begins and the header section starts.
670      You can use the clipboard editor to see if the ascii armor is broken. If this happened, the
671      file must be repaired manually or should be sent again.
672    
673    - WinPT reports that the key could not be imported because of missing self signature or a
674      likewise message. To make sure that the receiver can really verify the key belongs to its
675      owner, the key carries a self signature which can be checked by anybody. Some PGP 2.6 version
676      do not issue this self signature and some other PGP versions might be also able to
677      supress its generation. Such a key cannot be used, even if the import were forced. The solution
678      to this problem is easy but sometimes not possible. Ask the key issuer to self sign his key and
679      to upload it to the keyserver or send it again.
680      But sometimes companies have a policy and thus newly generated keys are not self signed. I do
681      not know what to do in this case except for asking if it would be possible to sign a copy of
682      the key.
683    
684    - You received a message from a user which uses PGP and WinPT/GPG will not be able to decrypt it.
685      First let me say that this should happen very seldom with newer (PGP >= 7) versions of PGP.
686      The reason could be, that IDEA has been used. A patented Cipher which is not included in GPG.
687      GPG will not be able to decrypt the data because it has been ciphered with IDEA. There is no
688      solution for this problem, except to use the IDEA plug-in. But be advised that the IDEA
689      algorithm is only free for private use and NOT for commercial mails.
690    
691      Another problem could be, that your files cannot be automatically decrypted by the receiver
692      (who uses PGP) because the file extension of it is .GPG. You can solve this problem by changing
693      the default extension in the WinPT preferences from .GPG to .PGP.
694    
695      To minimize the change of problems when you communicate with a PGP user, you can add "pgp8" or
696      "pgp7" to your gpg.conf. This can be done via the Key Manager
697      ->Edit->Preferences...->GPG Config Preferences.
698    
699    
700    @section How can I help the Project
701    
702    There are several ways to help the project. For example you could provide (or work on) the
703    existing documentation or write new docs. You could translate WinPT into a new language or
704    maintain an existing language file. Of course it is also possible to contribute code or to
705    become part of the WinPT developer crew.
706    
707    @subsection What I need for Development
708    First, you need a Windows C-compiler and knowledge how to use the tools and the Win32 API. There
709    is no need to use MS-Visual C,  you can use Ming-W32 (gcc) and a free IDE to hack some code.
710    The default building environment is a mingw32 hosted on Linux and it produces W32 executables.
711    
712    If you plan to contribute some code or to work on an item from the TODO file, please contact me
713    first to make sure no one else is working on it and that and we can discuss the details.
714    
715    @section Closing Words
716    Please remember that currently the core WinPT crew is just me and thus it might take some time to
717    respond to forum messages, and mails. If my spare time allows it, I try to respond quick as
718    possible. But as a free software project, I do most coding in my spare time and I can't guarantee
719    anything. If you need commercial support for WinPT or GPG in general,
720    please contact g10 Code GmbH.
721    
722  @bye  @bye

Legend:
Removed from v.227  
changed lines
  Added in v.263

[email protected]
ViewVC Help
Powered by ViewVC 1.1.26