<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9"> <TITLE>Mutt-i, GnuPG and PGP Howto: PGP and GnuPG</TITLE> <LINK HREF="Mutt-GnuPG-PGP-HOWTO-6.html" REL=next> <LINK HREF="Mutt-GnuPG-PGP-HOWTO-4.html" REL=previous> <LINK HREF="Mutt-GnuPG-PGP-HOWTO.html#toc5" REL=contents> </HEAD> <BODY> <A HREF="Mutt-GnuPG-PGP-HOWTO-6.html">Next</A> <A HREF="Mutt-GnuPG-PGP-HOWTO-4.html">Previous</A> <A HREF="Mutt-GnuPG-PGP-HOWTO.html#toc5">Contents</A> <HR> <H2><A NAME="s5">5. PGP and GnuPG</A></H2> <P>To use anyone of the versions of <EM>PGP</EM> with <EM>Mutt-i</EM>, first it will be necesary to configure <EM>PGP</EM> properly in the way that the public keys file (public keys ring) and the private keys file (private keys ring) will exist. It is convenient to previously test PGP from the command line to assure that it signs and encrypt correctly. <P>Remember that the <EM>PGP</EM> versions that exist for <EM>Unix</EM> are <CODE>2.6.3(i)</CODE> and <CODE>5.0(i)</CODE>, that we call <B>PGP2</B> and <B>PGP5</B> respectively forward. <B>GnuPG</B> is a new encrypt system, being developed in these days, in an advanced state of development, open source and free, in many aspects better than <B>PGP</B> (see GnuPG mini howto <A HREF="http://www.dewinter.com/gnupg_howto">http://www.dewinter.com/gnupg_howto</A>). <P>We will also clarify that <EM>PGP</EM>, as being a program developed in the US, is restricted by certain exporting laws about programs that include cryptographic code; this is the reason for the existance of an international version to almost all binary versions, and it is noted with the "<B>i</B>" letter (<B>pgp - pgpi</B>). <P> <H2><A NAME="ss5.1">5.1 PGP2</A> </H2> <P><EM>PGP2</EM> generates keys with the RSA <A HREF="http://www.rsa.com">http://www.rsa.com</A>,algorithm and it uses IDEA <A HREF="http://www.ascom.ch">http://www.ascom.ch</A> as the encryption algorithm. Both are propietary algorithms and its use is restricted by its respectives patents. <P>To run it correctly, you must have it installed, as well as having a directory called <CODE>~/.pgp</CODE>, containing the configuration file <CODE>pgp-i.conf</CODE> and the private and public keys rings files, <CODE>pubring.pgp</CODE> and <CODE>secring.pgp</CODE> respectively. <P> <H2><A NAME="ss5.2">5.2 PGP5</A> </H2> <P>The keys generated by <EM>PGP5</EM> are <B>DSS/DH</B> (Digital Signature Standard / Diffie-Helman). PGP5 uses <B>CAST</B>, <B>Triple-DES</B>, and <B>IDEA</B> as encrypt algorithms. PGP5 can work with encrypted or signed data with <EM>RSA</EM> (PGP2), and use that keys to sign or encrypt (with the keys generated with PGP2, because PGP5 can not generate that type of keys). In the other hand, PGP2 can not use the <EM>DSS/DH</EM> keys from PGP5; this creates incompatibility problems, because many users continue using PGP2 with <EM>Unix/Linux</EM>. <P>To run PGP5 correctly, in the <CODE>~/.pgp</CODE> directory you will have the public and private key rings (<CODE>pubring.pkr</CODE> and <CODE>secring.skr</CODE> respectively), and the configuration file <CODE>pgp.cfg</CODE>. <P>In the case that you have installed the both versions of <EM>PGP</EM> (PGP2 installed and configured before PGP5), we will create the configuration file <CODE>~/.pgp/pgp.cfg</CODE> of PGP5 as a simbolic link to the <CODE>~/.pgp/pgp-i.conf</CODE> configuration file, <P> <BLOCKQUOTE><CODE> ~/.pgp$ ln -s pgp-i.conf pgp.cfg </CODE></BLOCKQUOTE> <P>adding the following lines at the end of the file <CODE>~/.pgp/pgp-i.conf</CODE>: <P> <BLOCKQUOTE><CODE> <PRE> PubRing = "~/.pgp/pubring.pkr" SecRing = "~/.pgp/secring.skr" RandSeed = "~/.pgp/randseed.bin" </PRE> </CODE></BLOCKQUOTE> <P>The files with the keys rings of the different versions can cohexist without any problem in the same directory. <P> <H2><A NAME="ss5.3">5.3 GnuPG</A> </H2> <P><B>GnuPG</B> is a program with the same functions that the previous. The difference with <EM>PGP</EM>, <EM>GnuPG</EM> do not uses algorithms with restrictive patents. <EM>PGP</EM> is free for personal uses but not comercial jobs and its development is closed. <EM>GnuPG</EM> is free to be used in any job and it is open source, as our favorite operating system (also its implementation and development is made mainly in <EM>Linux</EM>). <P>The keys generated by <EM>GnuPG</EM> are of the type <B>DSA/ElGamal</B> (<EM>Digital Signature Algorithm</EM>, also known as <EM>DSS</EM>). Is totaly compatible with <EM>PGP</EM>, except with the use of restricted patents algorithms <EM>RSA</EM> and <EM>IDEA</EM>. Anyway, it is posible to implement certain compatibility with that (see GnuPG mini howto <A HREF="http://www.dewinter.com/gnupg_howto">http://www.dewinter.com/gnupg_howto</A> to get it interacting with PGP2 and PGP5). <P> <HR> <A HREF="Mutt-GnuPG-PGP-HOWTO-6.html">Next</A> <A HREF="Mutt-GnuPG-PGP-HOWTO-4.html">Previous</A> <A HREF="Mutt-GnuPG-PGP-HOWTO.html#toc5">Contents</A> </BODY> </HTML>