Which PGP version should I use?

Because there are so many different PGP versions around, it's not easy for the new PGP user to pick the right one. With concerns like compatibility, copyright, patents and export restrictions, finding one's way in the PGP jungle can be quite an exhaustive task. However, the question can be reduced to three main issues, which together determine which PGP version is the one for you:

  1. Which country you are in
  2. Whether you want to use PGP for private or commercial purposes
  3. Which machine platform you are on (Windows users: use the DOS version)

By studying the tables below, you should be able to find the PGP version that will suit your particular needs. All versions listed here are interoperable and 100% legal to use for the specified purpose (private/commercial) within the countries listed. (*)

USA

Non-commercial useCommercial use
DOS, Unix, MacintoshMIT PGP 2.6.2 or PGP 2.6.3ViaCrypt PGP
OS/2, VMS, Atari,
Amiga, etc.		PGP 2.6.3PGP 2.6.3, but look here

Note: If you are a non-US citizen living in the US, you should preferably use MIT PGP 2.6.2 or PGP 2.6.3, but it is probably safest to download your copy from somewhere outside the US. In the US, giving a copy of PGP to a foreigner is considered as export, even if s/he is not going to take it out of the country(!).

Canada

Non-commercial useCommercial use
DOS, Unix, MacintoshPGP 2.6.3iViaCrypt PGP
OS/2, VMS, Atari,
Amiga, etc.		PGP 2.6.3i, but look here

Note: Canadians are in a unique position, in that they may freely choose which PGP version they want to use. They may use the MIT version (because it's not illegal to export cryptography from USA to Canada) or the international version (because the RSA patent does not apply in Canada). I have recommended the international version in the table above, but use the MIT version if you prefer that.

Rest of the world (*)

Non-commercial useCommercial use
All platformsPGP 2.6.3iPGP 2.6.3i, but look here

(*) Some countries (such as France, Iran, Iraq, Russia and China) have laws that prohibit or regulate the use of cryptography. Please check out your country's national laws and governmental policies on cryptography before attempting to use PGP. (See also the Crypto Law Survey.) You should also make sure that you obtain your copy of PGP from a place outside of USA and Canada. If you follow the links here, you should be on the safe side.

Last updated February 5, 1997 by Stσle Schumacher <stale@hypnotech.com>