99/12/04

                            The Archimedes Project
			      Notes on PGP/GnuPG
			     
			     

Introduction on Pretty Good Privacy / GnuPG
(taken from the PGP manpage 2.6.x):

"PGP (Pretty Good Privacy) is a public key encryption package
to protect E-mail and data files. It lets you communicate
securely with people you've never met, with no secure channels
needed for prior exchange of keys. It's well featured and fast,
with sophisticated key management, digital signatures, data compression,
and good ergonomic design. If you really want to learn how to use it
properly, it's best to read the full documentation [of PGP]
that comes with the system, which is very complete."

While encryption, signing and verification of messages are done
by the PGP/GnuPG binary, the key selection process is done by
Archimedes. Archimedes selects the proper public key
for the recipient by parsing your public key ring
and comparing it with the numerical key IDs you assigned in your
address book. The key IDs and the text are passed to the 
external PGP binary via command line.

Currently Archimedes has built-in support for PGP Versions
2.6x and 5.x . PGP 6 support will be included soon.


Frequently Asked Questions related to Pretty Good Privacy / GnuPG
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Q: I haven't found any configuration option to encrypt outgoing
   mail also by default with my own key.
   
-> This option is not included in Archimedes, since there is a 
   configuration option in PGP/GnuPG itself.
   
   * In PGP 2.6.x make sure that there is the follwing line in 
     your config.txt (which should be located in your ~/.pgp directory):
   
     EncryptToSelf = On  # Encrypt all messages with your own key
   
   * In GnuPG insert the following line into your ~/.gnupg/options:
     
     encrypt-to 0xYourKeyID

~~~~~
   
Q: I think it is a security problem, that Archimedes stores my
   passphrase in the cache.
   
-> You can think of that as a security problem.
   If Archimedes crashes and dumps core, the passphrase
   may get dumped too. You have two options,
   disable core dumping or set the time that Archimedes should
   remember the passphrase to 0. This way, nothing gets stored anywhere.     
 			     						    