Cyphernomicon Top
Cyphernomicon 7.7

PGP -- Pretty Good Privacy:
Where to Get PGP?


    7.7.1. "Where can I get PGP on CompuServe?"
           - Note: I can't keep track of the major ftp sites for the
              various crypto packages, let alone info on services like
              this. But, here it is;
           - "Current as of 5-Jul-1994:"
              GO EURFORUM / Utilities   PGP26UI.ZIP   PGP 2.6ui
              GO PWOFORUM / New uploads PGP26.ZIP     PGP 2.6
               PWOFORUM also has the source code and documentation, plus
              a number of shell utilities for PGP.  Version 2.3a is also
              still around." [cannon@panix.com, Kevin Martin,  PGP on
              Compuserve??, alt.security.pgp, 1994-07-08]
    7.7.2. Off line PGP
           + ftp.informatik.uni-
              hamburg.de:/pub/virus/crypt/pgp/tools/pgp-elm.zip
             - another place: Crosspoint: ftp.uni-
                kl.de:/pub3/pc/dos/terminal/xpoint XP302*.EXE
           + "I highly recommend Offline AutoPGP v2.10.  It works
              seamlessly with virtually any offline mail reader that
              supports .QWK packets.  Shareware registration is $10.00
              US.  The author is Staale Schumacher, a student at the
              University of Oslo, is reachable at staale@ifi.uio.no .
              The program should be pretty widely available on US bbs's
              by now.  I use the program constantly for bbs mail.  It's
              really quite a slick piece of work.  If you have any
              trouble finding it, drop me a note."
              [bhowatt@eis.calstate.edu  Brent H. Howatt, PGP in an
              offline reader?, alt.security.pgp, 1994-07-05]
             - oak.oakland.edu in /pub/msdos/offline, version 2.11
             - ftp.informatik.uni-
                hamburg.de:/pub/virus/crypt/pgp/tools/apgp211.zip
    7.7.3. "Should I worry about obtaining and compiling the PGP
            sources?"
           - Well, unless you're an expert on the internals of PGP, why
              bother? And a subtle bug in the random number generator
              eluded even Colin Plumb for a while.
           - The value of the source being available is that others can,
              if they wish, make the confirmation that the executable
              correspond to the source. That this _can_ be done is enough
              for me. (Strategy: Hold on to the code for a while, wait
              for reports of flaws or holes, then use with confidence.)
           - Signatures can be checked. Maybe timestamped versions,
              someday.
           - Frankly, the odds are much higher that one's messages or
              pseudonymous identity will be exposed in others ways than
              that PGP has been compromised. Slip-ups in sending messages
              sometimes reveal identities, as do inadvertent comments and
              stylistic cues.
  

Next Page: 7.8 How to Use PGP
Previous Page: 7.6 PGP Versions

By Tim May, see README

HTML by Jonathan Rochkind