home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Freaks Macintosh Archive
/
Freaks Macintosh Archive.bin
/
Freaks Macintosh Archives
/
Crypto⁄Encryption
/
PGP
/
PowerMac603 PGP 2.6.3i.sit
/
PowerMac603 PGP 2.6.3i
/
setup.doc.mac
< prev
next >
Wrap
Text File
|
1997-02-19
|
5KB
|
103 lines
Pretty Good Privacy Version 2.6.3i
Installation Guide
by Perry Metzger, Colin Plumb, Derek Atkins,
Jeffrey I. Schiller and others.
Updated for PGP 2.6.3i by Stale Schumacher
Revised for Macintosh by Naoki Sugiyama
Revised for PowerMacintosh by Michel Médina
(This file should be used Monaco-10p.)
How to Install PowerMacPGP
=====================
PowerMacPGP is distributed in a compressed archive format, which keeps all the
relevant files grouped together, and also saves disk space and transmission
time.
The current version, 2.6.3i, is archived with the Stuffit utility, and
you can decompress it with Stuffit. The PowerMacPGP executable binary
is in a file named PowerMacPGP263i.sit. This contains the executable
application, and basic documentation. If you want more infos, get the MacPGP
package. This should be available from the same source from which you got
PowerMacPGP263i and is called macpgp263i.sit. If not, send email
to pgp@hypnotech.com with "INFO PGP" in the subject field.
You will need StuffIt Expander version 3.0 or later to uncompress and split
the sit archive file into individual files. StuffIt Expander is freeware
and is widely available on Macintosh and INFO-Mac archive.
Put the distribution file in the appropriate folder and drag&drop into the
icon of StuffIt Expander to uncompress.
This will create the files Powermacpgp263ii.sit Powermacpgp263ii.sit.asc.
Expand Powermacpgp263ii.sit with drag&drop into StuffIt Expander.
Keep the Powermacpgp263ii.sit file around. Once you have MacPGP working
you can use Powermacpgp263ii.sit.asc to verify the digital signature on
Powermacpgp263ii.sit.
It should come from Michel Médina (whose key is included in keys.asc).
Generating Your First Key
-------------------------
One of the first things you will want to do to really use PowerMacPGP (other
than to test itself) is to generate your own key. This is described in
more detail in the "RSA Key Generation" section of the PGP User's Guide.
Remember that your key becomes something like your written signature or
your bank card code number or even a house key - keep it secret and keep it
secure! Use a long, unguessable pass phrase and remember it. Right after
you generate a key, put it on your key rings and copy your secret keyring
(secring.pgp) to a blank floppy and write protect the floppy.
If you are a first-time user of PGP, it is a good idea to generate a short
test key, with a short passphrase, to play around with PGP for a little bit
and see how it works, or even more than one so you can pretend to be
sending messages between two different people. Since you won't be guarding
any secrets, this can be short and have a simple pass phrase. But when you
generate your permanent key, that you intend to give to others so they can
send secure messages to you, be much more careful.
After you generate your own key pair, you can add a few more public keys to
your key ring. One public keys is provided with the release in the file
MyPublicKey.asc. To add it to your public key ring, see the
PGP User's Guide, in the section on adding keys to your key ring.
Verifying the PGP distribution
------------------------------
Now that you have PGP up and running and have read in the MyPublicKey.asc
file you can verify the integrity of the original distribution. To do this launch
PowerMacPGP and select Open/Decrypt in File menu .
Choose Powermacpgp263ii.sit.asc in the StandardFile dialog, push 'Do It'
button in next dialog, and apply the signature to Powermacpgp263ii.sit.
MacPGP should tell you that it has a Good Signature from:
"Michel Médina"
It will also tell you that it doesn't "trust" this key. This is because
PowerMacPGP does not *know* that the enclosed key really belongs to me. Don't
worry about this now. Read the section "How to Protect Public Keys from
Tampering" in Volume 1 of the PGP manual.
READ THE FINE MANUAL (RTFM)
---------------------------
READ THE DOCUMENTATION. At least read Volume I of the PGP User's Guide.
Cryptography software is easy to misuse, and if you don't use it properly
much of the security you could gain by using it will be lost! You might
also be unfamiliar with the concepts behind public key cryptography; the
manual explains these ideas. Even if you are already familiar with public
key cryptography, it is important that you understand the various security
issues associated with using PGP. PGP may be an unpickable lock, but you
have to install it in the door properly or it won't provide security.