![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to readme.doc CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [PGP] / pgp|
Return to readme.doc CVS log | Up to [PGP] / pgp |
1.1.1.4 ! root 1: Pretty Good Privacy version 2.3a - READ ME FIRST 1.1.1.2 root 2: Notes by Perry Metzger 1.1.1.4 ! root 3: Edited for 2.3a by Colin Plumb 1.1.1.2 root 4: 5: 1.1.1.4 ! root 6: You are looking at the README file for PGP release 2.3a. PGP, short for 1.1.1.2 root 7: Pretty Good Privacy, is a public key encryption package; with it, you 8: can secure messages you transmit against unauthorized reading and 9: digitally sign them so that people receiving them can be sure they 10: come from you. 11: 1.1.1.4 ! root 12: The files pgpdoc1.txt and pgpdoc2.txt contain documentation for the ! 13: system. Before using PGP, PLEASE READ THE DOCUMENTATION. This tends ! 14: to get neglected with most computer software, but cryptography software ! 15: is easy to misuse, and if you don't use it properly much of the security ! 16: you could gain by using it will be lost! ! 17: ! 18: Security is only as strong as the weakest link, and while the algorithms ! 19: in PGP are some of the strongest known in the civilian world, there are ! 20: things outside the program's control which can weaken your security as ! 21: assuredly as forgetting to lock a vault door. Even if you are already ! 22: familiar with public key cryptography, it is important that you ! 23: understand the various security issues associated with using PGP. ! 24: ! 25: PGP 2.3a, released July 2, 1993 fixes some glitches which made their way ! 26: into PGP 2.3, released June 15, 1993. It will likely be followed by ! 27: more updated versions in the months to come, so check around for more ! 28: recent updates, especially if you received PGP 2.3a substantially after ! 29: the release date. If there is a more recent release, please acquire it, ! 30: and please get the place from which you got PGP 2.3a or an earlier ! 31: version to update their release, too. ! 32: ! 33: There are four archives in the PGP 2.3a release. You will usually only ! 34: need one of them. They are: ! 35: - pgp23A.zip This is the MS-DOS executable release, which includes ! 36: the executable, support files, and basic documentation. ! 37: - pgp23srcA.zip This is a source code release, which includes all the source ! 38: code needed to compile PGP and examples of usage. This ! 39: contains everything in pgp23A.zip except that the manual is ! 40: not paginated and it does not contain an executable nor an ! 41: associated signature. ! 42: - pgp23A.tar.Z This contains exactly the same files as pgp23srcA.zip, except ! 43: that they use Unix rather than MS-DOS line end conventions. ! 44: - pgp23docA.zip This is the documentation for PGP only. This can be freely ! 45: exported and is useful to tell people what PGP does. ! 46: ! 47: While we welcome ports to other platforms, if you make your own archive ! 48: for distribution, PLEASE INCLUDE THE MANUAL. It covers important ! 49: security and legal issues which a new user must know. ! 50: ! 51: Assuming you have a code (non-documentation) release, the file SETUP.DOC ! 52: contains information on how to install PGP on your system; this document ! 53: is broken up into several sections, each dealing with a different ! 54: operating system: PGP is known to run on MS-DOS, UNIX, VMS and OS/2. Part ! 55: of the information in SETUP.DOC might make more sense if you have already ! 56: read the manuals. ! 57: ! 58: PGP is distributed under the terms of the GNU General Public Licence, ! 59: a copy of which is included. In brief, this states that PGP is freely ! 60: distributable, subject only to the condition that if you make a modified ! 61: version and choose to distribute it, you must make it freely distributable ! 62: as well. See the file COPYING for details. ! 63: ! 64: This PGP 2.3 release has several bug fixes over PGP 2.2, and a few ! 65: new (although somewhat esoteric) features. See doc\newfor23.doc ! 66: for details. The most important fix is to compression on MS-DOS. ! 67: an invlaid pointer was bring freed, causing unpredictable behaviour. ! 68: Sometimes, no harm would reault. Sometimes. the machine would crash. ! 69: ! 70: MANIFEST for PGP 2.3a MSDOS executable release ! 71: --------------------------------------------- ! 72: ! 73: Here is a list of files included in the PGP 2.3a MSDOS executable release ! 74: file PGP23A.ZIP... ! 75: ! 76: README.DOC - This file you are reading ! 77: BINFILES - The master list of files, used to generate the archive ! 78: PGP.EXE - PGP executable program ! 79: CONFIG.TXT - User configuration parameter file for PGP ! 80: LANGUAGE.TXT - Sample language file for French and Spanish ! 81: PGP.HLP - Online help file for PGP ! 82: ES.HLP - Online help file in Spanish ! 83: FR.HLP - Online help file in French ! 84: KEYS.ASC - Sample public keys you should add to your keyring ! 85: PGPSIG.ASC - Detached signature of PGP.EXE, to detect viruses ! 86: DOC\SETUP.DOC - Installation guide ! 87: DOC\PGPDOC1.DOC - PGP User's Guide, Vol I: Essential Topics ! 88: DOC\PGPDOC2.DOC - PGP User's Guide, Vol II: Special Topics ! 89: DOC\COPYING - GNU General Public Licence ! 90: DOC\BLURB.TXT - Brief description of PGP, for BBS indexes ! 91: DOC\POLITIC.DOC - Computer-related political groups 1.1.1.2 root 92: 93: 94: For Clinical Paranoia Sufferers Only 95: ------------------------------------ 96: 1.1.1.4 ! root 97: It is always possible that the PGP you have received has been tampered 1.1.1.2 root 98: with in some way. This is a risk because PGP is used as a system to 99: assure security, so those wishing to breach your security could likely 100: do it by making sure that your copy of PGP has been tampered with. Of 101: course, if you receive PGP in a binary distribution, it makes sense to 102: check it for viruses, and if you receive PGP as source code, looking 103: for signs of obvious tampering might be a good idea. However, it is 104: very difficult to actually determine if the code has no subtle bugs 105: that have been introduced and that the executable you are using has 1.1.1.4 ! root 106: not been tampered with in any way. ! 107: ! 108: If you have a previous version of PGP which you already trust, the ! 109: cryptographic signature on the executable will assure you that it has ! 110: not been tampered with (with the possible exception of a "stealth virus" ! 111: already existing on your system). If you are a really paranoid person, ! 112: try getting a cryptographically signed copy of the software from someone ! 113: you trust to have a good copy. It would also likely be good for you to ! 114: pay special attention to the sections of the manual on "Vulnerabilities." ! 115: You are going to read the manual, aren't you?
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.