GnuPG, Winblows, Speed, Key Management

Graham graham@todd276.worldonline.co.uk
Wed, 27 Dec 2000 17:35:15 GMT 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there, Toni Mueller,

On 27 December 2000, I received the following message from you
regarding
"GnuPG, Winblows, Speed, Key Management"

TM> Hello,
TM> 
TM> I'm currently promoting the use of GnuPG, but have a number of
TM> problems doing so. My main reasons to promote GnuPG are that
TM> it's both an open-sourced and also non-US encryption package,
TM> that it builds on the PGP principles of working w/o a central
TM> CA, and because it's able to incorporate newer encryption
TM> algorithms and longer key lengths than Sphinx
TM> (read "political decision").
TM> 
TM> - Problem #1: There appears to be no good Winblows interface for
it,
TM>   or at least no good way to hook it into Outlook, IE, Netscape
there,
TM>   what have you.

At present, in Windows, GnuPG is totally a command line program. 
There are two good interfaces for it that act somewhat like PGPtray,
and these are WinPT and GnuPGShell.  Using either of these, you can
use GnuPG with any Windows MUA.  My own Windows MUA, Becky!2, has a
GnuPG plug-in which will enable you to interface GnuPG directly from
within the program.

WinPT is available from:
http://www.freenet.de/joesixpack/winpt-en.html
GnuPGShell is available from:
http://www.bigfoot.com/~rsoft
Becky!2 is available from:
http://www.rimarts.co.jp
the Becky!2 plug-in (BkGnuPG) is available from:
 http://hp.vector.co.jp/authors/VA023900/gpg-pin/

TM> - Problem #2: It's dog slow. I have still less than 300 keys in my
TM>   keyring (expecting to double that soon), and often find myself
TM>   interrupting gpg to read the message instead of waiting to
verify
TM>   the signature. Similar things hold for signing or encrypting a
TM>   message.

I haven't found this (just the opposite) but I use my MUA; if you do
that, or one of the interfaces, you will find it works at least as
fast as PGP.

TM> - Problem #3: I have adjusted gpg to fetch keys on demand from a
TM>   keyserver. My experience is that these key servers apparently
TM>   don't synchronize their data sets in a reasonable time frame
TM>   (weeks!), so I end up fetching keys from varying servers. This
TM>   is __very__ inconvenient, and of course unsuitable to the casual
TM>   Winblows user. How do I go about this?

WinPT has currently limited keyserver support, but this is being
increased in the current version which is in development.  Otherwise,
use a web based server such as the Esnet server at:

http://www.es.net/hypertext/pgp/

alternatively, run PGP 6.5.8 merely for keyserver access.  It will
show an error warning to the effect of bad parameters, but will
(eventually) accept GnuPG keys.  Currently, GnuPG has no keyserver
support (hopefully to be corrected when GnuPA for Windows becomes
available).

The PGP servers synchronise very quickly, but GnuPG keys don't seem to
be on the default keyservers in PGPtray for some time (as you say).

TM> - Problem #4: What to do in the face of massive distribution and
TM>   promotion of Sphinx which is also _not_ interoperable with any
TM>   kind of PGP?

Excuse my ignorance, but what is Sphinx and is it available for
Windows?
TM> 
TM> Please Cc me on answers since I'm not on the list. Thank you!
TM> 
TM> 
TM> Best Regards,
TM> --Toni++

Have done!

Graham                  reply to: graham@todd276.worldonline.co.uk

Please PGP/GnuPG sign mail for verification and encrypt for internet
security

Written on 27 December 2000 17:14:32
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4-1 (MingW32) - GnuPGshell v0.96
Comment: Please use my key ID: 0x99DB10BD

iD8DBQE6Sig5LuLY+pnbEL0RArcaAJ4vZX/ZyQ+75HgvUzbVh0u6dGqKWgCcCwer
oXp5rtwoQb1ni2T7sSWZz6k=
=cb6e
-----END PGP SIGNATURE-----


-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org