Discussion:
PGP 9.8 for the MAC
(too old to reply)
Nemo
2008-07-14 23:59:17 UTC
Permalink
I have been considering buying PGP 9.8 for OSX but the reviews are terrible.

Any one in this group have any experience with it?

Thanks
Hud
Sheridan Hutchinson
2008-07-15 23:24:57 UTC
Permalink
Post by Nemo
I have been considering buying PGP 9.8 for OSX but the reviews are terrible.
Any one in this group have any experience with it?
Thanks Hud
I don't know if you can, however if you can get GnuPG for OSX then that
may suffice all your needs, and it's completely open source.
--
Regards,
Sheridan Hutchinson
***@Shezza.org
1PW
2008-07-16 01:51:27 UTC
Permalink
Post by Nemo
I have been considering buying PGP 9.8 for OSX but the reviews are terrible.
Any one in this group have any experience with it?
Thanks
Hud
<http://macgpg.sourceforge.net/>

We receive very few comments about Mac OS X and GnuPG. If you try it, please
let us know what you think. Personally, I have compiled version 2.0.9 for use
with Linux and I'm happy with it.
--
1PW

@?6A62?FEH9:DE=6o2@=]4@> [r4o7t]
Roberto Franceschetti
2008-08-11 03:25:53 UTC
Permalink
Post by 1PW
Post by Nemo
I have been considering buying PGP 9.8 for OSX but the reviews are terrible.
Any one in this group have any experience with it?
Thanks
Hud
<http://macgpg.sourceforge.net/>
We receive very few comments about Mac OS X and GnuPG. If you try it, please
let us know what you think. Personally, I have compiled version 2.0.9 for use
with Linux and I'm happy with it.
I've been using PGP 9.7 for several months on Tiger and Leopard, after
"upgrading" from GnuPG.
PGP's support for the Mac version leaves a lot to be desired. For example,
Leopard support was added a loooong time after Lepard was released, I had to
posptpone upgrading to Leopard for a few months while waiting for PGP to
issue a Leopard-compatible version.

Mac's PGP's WDE (Whole Disk Encryption), unlike the Windows version, is a
complete joke. Quite simply, there is no encryption possible on your boot
drive, meaning you can't encrypt your "Macintosh HD". That's completely
useless!

However.... PGP does have a much more friendly GUI and is just simpler to
use in your day-to-day operations than GnuPGP. This is why, non-withstanding
all the issues with PGP, I sucked everything in and switched to PGP.
--
Roberto Franceschetti
LogSat Software
http://www.logsat.com
zengelan
2008-08-12 08:07:35 UTC
Permalink
PGP Corporation is about ot release boot disk support for Mac Whole
Disk Encryption:
http://www.pgp.com/products/wholediskencryption/osx.html
Nemo
2008-08-18 01:37:50 UTC
Permalink
Post by Roberto Franceschetti
Post by 1PW
Post by Nemo
I have been considering buying PGP 9.8 for OSX but the reviews are terrible.
Any one in this group have any experience with it?
Thanks
Hud
<http://macgpg.sourceforge.net/>
We receive very few comments about Mac OS X and GnuPG. If you try it, please
let us know what you think. Personally, I have compiled version 2.0.9 for use
with Linux and I'm happy with it.
I've been using PGP 9.7 for several months on Tiger and Leopard, after
"upgrading" from GnuPG.
PGP's support for the Mac version leaves a lot to be desired. For example,
Leopard support was added a loooong time after Lepard was released, I had to
posptpone upgrading to Leopard for a few months while waiting for PGP to
issue a Leopard-compatible version.
Mac's PGP's WDE (Whole Disk Encryption), unlike the Windows version, is a
complete joke. Quite simply, there is no encryption possible on your boot
drive, meaning you can't encrypt your "Macintosh HD". That's completely
useless!
However.... PGP does have a much more friendly GUI and is just simpler to
use in your day-to-day operations than GnuPGP. This is why, non-withstanding
all the issues with PGP, I sucked everything in and switched to PGP.
Thanks for the information. I see from a later post that whole disk
encryption is coming out with boot disk support. I will probably wait a
little linger then to see what other issues shake out.
Basar Alabay
2009-02-07 10:57:25 UTC
Permalink
Post by Roberto Franceschetti
However.... PGP does have a much more friendly GUI and is just simpler to
use in your day-to-day operations than GnuPGP. This is why, non-withstanding
all the issues with PGP, I sucked everything in and switched to PGP.
Is there still a freeware version?

B. Alabay
Neil - Salem, MA USA
2009-02-07 14:43:57 UTC
Permalink
Post by Basar Alabay
Post by Roberto Franceschetti
However.... PGP does have a much more friendly GUI and is just simpler to
use in your day-to-day operations than GnuPGP. This is why,
non-withstanding
all the issues with PGP, I sucked everything in and switched to PGP.
Is there still a freeware version?
B. Alabay
Yes. You can download PGP 9.9 for either MAC or Windows from
http://www.pgp.com/downloads/desktoptrial/desktoptrial2.html

You will be offered a trial license key that will enable lots of added
functionality for one month, after which the software reverts to "freeware"
functionality. You don't have to install the trial license at all, if you
don't want to, which means the software will behave as freeware immediately.

Neil - Salem, MA USA
Basar Alabay
2009-02-07 15:05:54 UTC
Permalink
Post by Neil - Salem, MA USA
which means the software will behave as freeware immediately.
But, is there a Mail.app plugin then?!

B. Alabay
Neil - Salem, MA USA
2009-02-07 17:08:06 UTC
Permalink
Post by Basar Alabay
Post by Neil - Salem, MA USA
which means the software will behave as freeware immediately.
But, is there a Mail.app plugin then?!
B. Alabay
No. PGP 9.x uses an "email proxy" that "sits between" your email client and
your connection to the Internet (and your ISP's email servers). The email
proxy intercepts all communications initiated by your email client and
encrypts, decrypts, signs, and/or verifies the email traffic "on the fly" as
your email traffic flows through the email proxy. The email proxy works
with transparently many popular email clients.

However, this email proxy is a licensed feature that you must pay for!
Without a license, PGP 9.9 will function much like PGP 8.1 did.

(THE FOLLOWING IS EXTRA DETAIL. IF YOU DON'T HAVE TIME, JUST IGNORE IT.)

For example, I use a license on my installation of PGP 9.9 called "PGP
Desktop Home" which enables the PGP email proxy. It also gives me a very
nice feature called PGP Virtual Disks. It cost me $99, a price that is
steep by some people's standards, but acceptable to me. I find the Virtual
Disk feature to be very useful and worth the money since I can easily move
thousands of important files to a Virtual Disk and know that they are
automatically secured (in case my computer is ever stolen).

If you use PGP 9.9 as freeware, the only way to encrypt email is to use
either the "Current Window" method or the "Clipboard" method.

The Current Window method works as follows: You open your email client and
compose an email. Before you send it, you right-click on a PGP icon in the
System Tray (aka Tray Bar), select "Current Window", select "Encrypt and
Sign" or "Encrypt" or "Sign", then select one or more PGP keys from you PGP
Keyring to encrypt to (unless you chose "Sign" only). (You will also need
to enter your passphrase for you private key if you chose either "Encrypt
and Sign" or "Sign".) Your encrypted and/or signed email will automatically
replace your clear text in the body of the email. You then simply send your
email. IN OTHER WORDS, THIS IS HOW PGP 8.1 USE TO WORK.

In the Clipboard method, you must cut your email's text to the clipboard and
then right-click on the PGP icon and select Clipboard. You then select an
operation to perform ("Encrypt and Sign", "Encrypt" or "Sign"), select PGP
keys, and possibly enter your passphrase for you private key, after which
you would paste the encrypted and/or signed results from the clipboard back
into the content area of your email client. AGAIN, this is how PGP 8.1 use
to work.

In either the Current Windows method or the Clipboard method, the content of
your email body will end up being simple text after it is decrypted.

For either the Current Window method or the Clipboard method, if you want to
encrypt and/or sign attachments, you will need to perform the encryption
and/or signing of your files prior to attaching them to the email. (PGP 9.9
operating as freeware allows for encrypting and/or signing of files, just as
PGP 8.1 did!)

If you choose to buy a license for PGP 9.9 which specifically allows for the
PGP email proxy (such as the PGP Desktop Home license), you will be able to
automatically encrypt email messages which are either text or HTML and you
will be able to automatically encrypt and/or sign attachments. The PGP
email proxy understands PGP/MIME and PGP Partitioned protocols.

PGP/MIME is very, very nice (in my opinion). It allows me to compose an
email in text or HTML formats, embed content in the HTML email such as
embedded inline images, and attach any kinds of files to the email and then
encrypt to entire email as "one package". When such an email is decrypted
by a recipient who is using software that also understands PGP/MIME, the
entire encrypted and signed "package" is decrypted and verified and the
original email is revealed: HTML or text content, inline embedded content
and all attachments. The integrity of the original email is kept fully
intact. I like that a lot.

PGP Partitioned allows the PGP email proxy to behave like many of the email
plugins used to work for earlier versions of PGP prior to PGP 9.x. In this
protocol, each attachment to an email is automatically encrypted and/or
signed separately, the HTML content is encrypted and/or signed separately,
and each and every embedded inline element is encrypted and/or signed
separately. All of these pieces become attachments to the email that is
sent to the recipient.

It is possible to use the PGP email proxy to encrypt or encrypt and sign a
text email and place the cyphertext in the body of the email that is sent to
the recipient. Likewise, using the PGP email proxy, it is possible to
sign-only a text email and put the clearsigned message in the body of the
email that is sent to the recipient. This requires the use of PGP
Partitioned protocol and text-only in the body of the mail. (Attachments
will also be automatically encrypted and/or signed if there are any.)

Neil - Salem, MA USA
Basar Alabay
2009-02-07 17:56:23 UTC
Permalink
Post by Neil - Salem, MA USA
Post by Basar Alabay
But, is there a Mail.app plugin then?!
B. Alabay
No. PGP 9.x uses an "email proxy" that "sits between" your email client and
your connection to the Internet (and your ISP's email servers). The email
proxy intercepts all communications initiated by your email client and
encrypts, decrypts, signs, and/or verifies the email traffic "on the fly" as
your email traffic flows through the email proxy. The email proxy works
with transparently many popular email clients.
However, this email proxy is a licensed feature that you must pay for!
Without a license, PGP 9.9 will function much like PGP 8.1 did.
(THE FOLLOWING IS EXTRA DETAIL. IF YOU DON'T HAVE TIME, JUST IGNORE IT.)
Thank you for your explanations.

Greets,
B. Alabay
Elliott Roper
2009-02-08 23:40:34 UTC
Permalink
Post by Basar Alabay
Post by Neil - Salem, MA USA
Post by Basar Alabay
But, is there a Mail.app plugin then?!
B. Alabay
No. PGP 9.x uses an "email proxy" that "sits between" your email client and
your connection to the Internet (and your ISP's email servers). The email
proxy intercepts all communications initiated by your email client and
encrypts, decrypts, signs, and/or verifies the email traffic "on the fly" as
your email traffic flows through the email proxy. The email proxy works
with transparently many popular email clients.
However, this email proxy is a licensed feature that you must pay for!
Without a license, PGP 9.9 will function much like PGP 8.1 did.
(THE FOLLOWING IS EXTRA DETAIL. IF YOU DON'T HAVE TIME, JUST IGNORE IT.)
Thank you for your explanations.
For completeness, there *IS* a PGP mail.app plugin
For some users, f'rinstance behind certain VPN set-ups, or those who
wish to keep their stored mails still encrypted the proxy is less than
perfect.
You wake up the plug-in by choosing 'manual' in the PGP set-up and
following the directions there.

Note that the plugin uses a hack not blessed by Apple. PGP Corp has so
far commendably kept it working across several versions of OS X, but
sometimes with a worrying delay between new OS X and new plug-in.
--
To de-mung my e-mail address:- fsnospam$elliott$$
PGP Fingerprint: 1A96 3CF7 637F 896B C810 E199 7E5C A9E4 8E59 E248
Basar Alabay
2009-02-09 07:03:57 UTC
Permalink
Post by Elliott Roper
You wake up the plug-in by choosing 'manual' in the PGP set-up and
following the directions there.
After some hassle with my new GPG 2 setup I got everything to work, so
at the moment it's not so important. I still have an old PGP 8 but can't
use it with Mail.app due to Intel/PPC issues.

But, is using PGP with Mail.app including this plugin (I didn't expect
that decrypted messages don't stay encrypted, of course I want to have
something decrypted, when I read it, neither before, nor after that)
possible with the "free" version? I'm absolutely not interested in
PGPdisk or things like these due to Apple's built-in encrypted images
and TrueCrypt, *if* necessary. First goal is even not encrypting but
signing. It's not easy to find content with encrypted mails ... Mail.app
seems to have support for inclusion of conetnt of the S/MIME onboard
encrypted mails. But I had been too stupid to start this chapter with
certificate ;-)

B. Alabay
Elliott Roper
2009-02-09 16:27:08 UTC
Permalink
Post by Basar Alabay
Post by Elliott Roper
You wake up the plug-in by choosing 'manual' in the PGP set-up and
following the directions there.
After some hassle with my new GPG 2 setup I got everything to work, so
at the moment it's not so important. I still have an old PGP 8 but can't
use it with Mail.app due to Intel/PPC issues.
But, is using PGP with Mail.app including this plugin (I didn't expect
that decrypted messages don't stay encrypted, of course I want to have
something decrypted, when I read it, neither before, nor after that)
possible with the "free" version? I'm absolutely not interested in
PGPdisk or things like these due to Apple's built-in encrypted images
and TrueCrypt, *if* necessary. First goal is even not encrypting but
signing. It's not easy to find content with encrypted mails ... Mail.app
seems to have support for inclusion of conetnt of the S/MIME onboard
encrypted mails. But I had been too stupid to start this chapter with
certificate ;-)
Maybe I'm a total numpty. I thought the proxy decrypted mails on
arrival and left 'em decrypted. Similarly I expected sent mail to be
encrypted by the proxy thing, yet remain plaintext in my sent folder.

That is totally unacceptable on something as nickable as a laptop, so I
keep coughing up for major versions of PGP and keep hoping the plugin
keeps on pluggin'.

Have I been wasting my money?
--
To de-mung my e-mail address:- fsnospam$elliott$$
PGP Fingerprint: 1A96 3CF7 637F 896B C810 E199 7E5C A9E4 8E59 E248
Neil - Salem, MA USA
2009-02-09 19:46:10 UTC
Permalink
[...snip...]
... I thought the proxy decrypted mails on
arrival and left 'em decrypted. Similarly I expected sent mail to be
encrypted by the proxy thing, yet remain plaintext in my sent folder.
That is totally unacceptable on something as nickable as a laptop, so I
keep coughing up for major versions of PGP and keep hoping the plugin
keeps on pluggin'.
Have I been wasting my money?
With regard to the behavior of the PGP email proxy, you are correct about
the fact that received emails are left decrypted and those emails that are
sent remain unencryted in the Sent (or Sent Items) folder.

As I said in a previous post, I use a paid version of PGP 9.9 which gives me
the PGP email proxy as well as PGP Virtual Disks.

I understand that this message thread is about the Mac version of PGP. I
use the Windows version of PGP. Nevertheless, perhaps the following might
be of help.

I use Outlook Express on Windows, which gives me the option of specifying a
location for my "Mail Store". I have placed my Mail Store on a PGP
encrypted Virtual Disk. If ever my computer were to be stolen, my received
emails are safe as are those in my Sent Items folder.

Some have complained that the PGP email proxy removes the digital signatures
from received emails (though the software does tell you with a message
whether an email's signature was correctly verified or not). The problem
with this is that I cannot prove, at a later time, that an email had (at one
time) a verifiable signature. If I needed that electronic signature for
legal reasons, it's gone! My solution to this problem is the following. I
have configured my Comcast email account to direct a copy of my received
emails to another email address that I own. Thus I receive the same email
twice, once from the first email account and again from the second account.
I have configured the PGP 9.9 email proxy to allow emails from this second
account to be received without being decrypted or verified ...so any
encryption and/or digital signatures remain!

Neil - Salem, MA USA
zengelan
2009-02-09 21:17:08 UTC
Permalink
You might want to check out the following Knowledgebase articles:

PGP Mail Plug-in for Mac https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=1099&p_topview=1

HOW TO: Encrypt email messages stored on IMAP Servers
https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=1102&p_topview=1
Elliott Roper
2009-02-13 23:13:29 UTC
Permalink
In article
Post by zengelan
PGP Mail Plug-in for Mac
https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=1099&
p_topview=1
HOW TO: Encrypt email messages stored on IMAP Servers
https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=1102&
p_topview=1
Thanks. I knew about the former. As soon as the plugin stops working, I
stop buying PGP. The proxy is useless for my purposes.

As for the second - *SHUDDER*
You need a pgp server to do it properly. It is possibly a solution,
like the proxy design disaster, for users in corporations that would
not encrypt any mail unless spoon-fed to satiation.

I get the feeling that pgp corp made a disastrous mistake with the
proxy, and a sub-feeling that someone inside knows this and keeps the
mac plug-in working despite Apple's attempts at obfuscation.

I'm interested in keeping my mail away from prying eyes. I live in the
UK, which has inherited the spy-on-your-neighbour championship from the
East German STASI. I run my own mail server, and nothing, but nothing
stays on a public server for longer than epsilon nanoseconds if I can
help it.

I only wish that more than a tiny fraction of my correspondents shared
that view. Which is another way of saying that disaster or not, proxy
is probably the best thing that pgp corp can actually sell to the
infinite supply of numpties out there.
--
To de-mung my e-mail address:- fsnospam$elliott$$
PGP Fingerprint: 1A96 3CF7 637F 896B C810 E199 7E5C A9E4 8E59 E248
Neil - Salem, MA USA
2009-02-07 18:23:22 UTC
Permalink
[...snip...]
It is possible to use the PGP email proxy to encrypt or encrypt and sign a
text email and place the cyphertext in the body of the email that is sent
to the recipient. Likewise, using the PGP email proxy, it is possible to
sign-only a text email and put the clearsigned message in the body of the
email that is sent to the recipient. This requires the use of PGP
Partitioned protocol and text-only in the body of the mail. (Attachments
will also be automatically encrypted and/or signed if there are any.)
Woops ...I should have been a bit more precise. I should have said that if
one uses the email proxy and specifies PGP Partitioned protocol, after
encryption and/or encryption plus signing, the body of the resulting email
will contain cyphertext for the text portion of the body of the original
email. In otherwords, the visible cyphertext in the body of the resulting
email will not include cyphertext for special HTML code that might have been
in the original message (bold text, centered text, inline embedded content,
etc.) However, though the visible cyphertext reflects only the text content
of the original email, and though it may appear that the body of the
resulting email is in text format, the body of the resulting email will be
in fact in the format of the body of the original email: i.e., text format
or HTML format.

Likewise, if one chooses to sign-only an email using the email proxy and PGP
Partitioned protocol, the clearsigned body of the resulting email will
reflect only a clear signing of the text content of the original email.
This clearsigned body in the resulting email may appear itself to be in text
format, but in fact the body of the resulting email will be in the same
format as that of the original email: i.e., text format or HTML format.

Neil - Salem, MA USA
Neil - Salem, MA USA
2009-02-07 18:25:30 UTC
Permalink
[...snip...]
It is possible to use the PGP email proxy to encrypt or encrypt and sign a
text email and place the cyphertext in the body of the email that is sent
to the recipient. Likewise, using the PGP email proxy, it is possible to
sign-only a text email and put the clearsigned message in the body of the
email that is sent to the recipient. This requires the use of PGP
Partitioned protocol and text-only in the body of the mail. (Attachments
will also be automatically encrypted and/or signed if there are any.)
Woops ...I should have been a bit more precise. I should have said that if
one uses the email proxy and specifies PGP Partitioned protocol, after
encryption and/or encryption plus signing, the body of the resulting email
will contain cyphertext for the text portion of the body of the original
email. In otherwords, the visible cyphertext in the body of the resulting
email will not include cyphertext for special HTML code that might have been
in the original message (bold text, centered text, inline embedded content,
etc.) However, though the visible cyphertext reflects only the text content
of the original email, and though it may appear that the body of the
resulting email is in text format, the body of the resulting email will be
in fact in the format of the body of the original email: i.e., text format
or HTML format.

Likewise, if one chooses to sign-only an email using the email proxy and PGP
Partitioned protocol, the clearsigned body of the resulting email will
reflect only a clear signing of the text content of the original email.
This clearsigned body in the resulting email may appear itself to be in text
format, but in fact the body of the resulting email will be in the same
format as that of the original email: i.e., text format or HTML format.

Neil - Salem, MA USA
Borked Pseudo Mailed
2009-02-08 08:38:48 UTC
Permalink
Post by Neil - Salem, MA USA
Post by Basar Alabay
Post by Neil - Salem, MA USA
which means the software will behave as freeware immediately.
But, is there a Mail.app plugin then?!
B. Alabay
No. PGP 9.x uses an "email proxy" that "sits between" your email client and
your connection to the Internet (and your ISP's email servers). The email
proxy intercepts all communications initiated by your email client and
encrypts, decrypts, signs, and/or verifies the email traffic "on the fly" as
your email traffic flows through the email proxy. The email proxy works
with transparently many popular email clients.
However, this email proxy is a licensed feature that you must pay for!
Without a license, PGP 9.9 will function much like PGP 8.1 did.
(THE FOLLOWING IS EXTRA DETAIL. IF YOU DON'T HAVE TIME, JUST IGNORE IT.)
For example, I use a license on my installation of PGP 9.9 called "PGP
Desktop Home" which enables the PGP email proxy. It also gives me a very
nice feature called PGP Virtual Disks. It cost me $99, a price that is
steep by some people's standards, but acceptable to me. I find the Virtual
Disk feature to be very useful and worth the money since I can easily move
thousands of important files to a Virtual Disk and know that they are
automatically secured (in case my computer is ever stolen).
If you use PGP 9.9 as freeware, the only way to encrypt email is to use
either the "Current Window" method or the "Clipboard" method.
The Current Window method works as follows: You open your email client and
compose an email. Before you send it, you right-click on a PGP icon in the
System Tray (aka Tray Bar), select "Current Window", select "Encrypt and
Sign" or "Encrypt" or "Sign", then select one or more PGP keys from you PGP
Keyring to encrypt to (unless you chose "Sign" only). (You will also need
to enter your passphrase for you private key if you chose either "Encrypt
and Sign" or "Sign".) Your encrypted and/or signed email will automatically
replace your clear text in the body of the email. You then simply send your
email. IN OTHER WORDS, THIS IS HOW PGP 8.1 USE TO WORK.
In the Clipboard method, you must cut your email's text to the clipboard and
then right-click on the PGP icon and select Clipboard. You then select an
operation to perform ("Encrypt and Sign", "Encrypt" or "Sign"), select PGP
keys, and possibly enter your passphrase for you private key, after which
you would paste the encrypted and/or signed results from the clipboard back
into the content area of your email client. AGAIN, this is how PGP 8.1 use
to work.
In either the Current Windows method or the Clipboard method, the content of
your email body will end up being simple text after it is decrypted.
For either the Current Window method or the Clipboard method, if you want to
encrypt and/or sign attachments, you will need to perform the encryption
and/or signing of your files prior to attaching them to the email. (PGP 9.9
operating as freeware allows for encrypting and/or signing of files, just as
PGP 8.1 did!)
If you choose to buy a license for PGP 9.9 which specifically allows for the
PGP email proxy (such as the PGP Desktop Home license), you will be able to
automatically encrypt email messages which are either text or HTML and you
will be able to automatically encrypt and/or sign attachments. The PGP
email proxy understands PGP/MIME and PGP Partitioned protocols.
PGP/MIME is very, very nice (in my opinion). It allows me to compose an
email in text or HTML formats, embed content in the HTML email such as
embedded inline images, and attach any kinds of files to the email and then
encrypt to entire email as "one package". When such an email is decrypted
by a recipient who is using software that also understands PGP/MIME, the
entire encrypted and signed "package" is decrypted and verified and the
original email is revealed: HTML or text content, inline embedded content
and all attachments. The integrity of the original email is kept fully
intact. I like that a lot.
PGP Partitioned allows the PGP email proxy to behave like many of the email
plugins used to work for earlier versions of PGP prior to PGP 9.x. In this
protocol, each attachment to an email is automatically encrypted and/or
signed separately, the HTML content is encrypted and/or signed separately,
and each and every embedded inline element is encrypted and/or signed
separately. All of these pieces become attachments to the email that is
sent to the recipient.
It is possible to use the PGP email proxy to encrypt or encrypt and sign a
text email and place the cyphertext in the body of the email that is sent to
the recipient. Likewise, using the PGP email proxy, it is possible to
sign-only a text email and put the clearsigned message in the body of the
email that is sent to the recipient. This requires the use of PGP
Partitioned protocol and text-only in the body of the mail. (Attachments
will also be automatically encrypted and/or signed if there are any.)
Neil - Salem, MA USA
That does sound involved. Personally I think that Thunderbird + Enigmail +
GnuPG is a much simpler option and a lot more transparent than using
current window or clipboard models you describe.

but... to each their own i guess.
Basar Alabay
2009-02-08 10:09:20 UTC
Permalink
Post by Borked Pseudo Mailed
That does sound involved. Personally I think that Thunderbird + Enigmail +
GnuPG is a much simpler option and a lot more transparent than using
current window or clipboard models you describe.
GPG with GPGmail and Mail.app works fine, too. But with GPG 2 one has a
lack of tools. And it's not all so "easy".

B. Alabay
Neil - Salem, MA USA
2009-02-08 11:50:28 UTC
Permalink
Post by Borked Pseudo Mailed
[...snip...]
[long post about PGP 9.9 and how it can work as freeware
and thus behave like PGP 8.1 freeware]
[...snip...]
That does sound involved. Personally I think that Thunderbird + Enigmail +
GnuPG is a much simpler option and a lot more transparent than using
current window or clipboard models you describe.
but... to each their own i guess.
True. Very true.

I've not used Thunderbird and Enigmail and GnuPG. I should check it out.
Can those products working together handle PGP/MIME? Does it use PGP
Partitioned? Does an email with content that is not purely text (such as an
email with inline embedded images) encrypt and decrypt without changing the
appearance of the original email?
Basar Alabay
2009-02-08 12:40:41 UTC
Permalink
Post by Neil - Salem, MA USA
I've not used Thunderbird and Enigmail and GnuPG. I should check it out.
Can those products working together handle PGP/MIME? Does it use PGP
Partitioned? Does an email with content that is not purely text (such as an
email with inline embedded images) encrypt and decrypt without changing the
appearance of the original email?
Not for Enigmail but Mail.app with GPGmail: yes; I don't know; yes.
My solely problem is my old idea-dependancy from old encrypted messages.
GPG 1.x was easy to selfcompile on a mac, but 2.x?!

B. Alabay
Basar Alabay
2009-02-07 10:57:49 UTC
Permalink
Post by 1PW
We receive very few comments about Mac OS X and GnuPG. If you try it, please
let us know what you think. Personally, I have compiled version 2.0.9 for use
with Linux and I'm happy with it.
Well, I use GPG under OS X since years. Not bad. An actual problem is
that most of the tools have their problems with 2.x. But yesterday I saw
that 2.0.10 is tunable with GPG preferences. That's new, it didn't work
before.

For Mail.app there is a nice plugin from sente.ch. Thunderbird still has
Enigmail.

What I haven't found out yet is, if this GPG 2 is self compilable in an
easy way like the v1 was before, due to big issues with idea. My old PGP
encrypted things (v2, 6, 7 and 8) used idea. WIth GPG 1.x I used to
compile myself, including idea.c. But now?!

Well, it's all a bit complicated. Even if I understand some of it,
*others* never will, and I think this is the big problem.

Maybe thesecertificate ways are better, maybe Germany's planned de-mail
will incorporate several signing musts, we'll see.

B. Alabay
Loading...