-----BEGIN PGP SIGNED MESSAGE----- About PGP 2.63ui ================ This is PGP 2.63ui, the successor to PGP 2.6ui and 2.62ui, an unofficial international release of the famous public key encryption program, based originally on version 2.3a. Refer to files README.1st and README.2nd for history and justification of previous versions, which also apply to 2.63ui. 2.63ui incorporates the following changes and fixes from 2.62ui. Added CONFIG.TXT Parameters: LabelEncrypt = on # Label Encrypted Armored files with Recipient(s) This will add readable text in front of an encrypted and armored file listing the public keys used to encrypt it. The format of the text is similar to what appears on the console during (-l) decryption. This option interacts with ArmorLines so that the Armorlines limit is not exceeded even when the readable text is included. (Unless necessary to avoid exceeding 99 sections, as was true previously). Some may be concerned that the prepended readable text is a security exposure. If so, turn the option off in CONFIG.TXT or the command line. But be aware that encrypted text contains the KeyID's of all intended recipients in easily accessible form. PrePendSigV=on # Prepend Signature Verification msg to output text When verifying the signature on a text (not binary) file, and a detached signature (-b) is not requested, PGP 2.63ui will prepend a message with the results of the signature verification (good or bad) similar to what appears on the console. Note that this readable text does -not- constitute -proof- (except to you) that the text was signed. For proof to a third party, you must either retain the binary (or armored) text with signature attached, or clearsigned text with signature, or retain a detached signature. Expanded Compatibility with Early PGP Versions. version_byte=3 is usually set to Emulate PGP 2.6 after 9/1/94 Version_byte must be set to 2 before encrypting/signing messages to be decrypted/verified by PGP 2.2 or 2.3a. Also, unique to PGP 2.63ui, is the ability to set version_byte to 2 in extracted keys (-kx[a]). This allows PGP 2.63ui to extract keys which may have been created and/or signed by MIT PGP or by a ui version with version_byte set to 3 and create an extracted key which may be added (-ka) by PGP 2.3a. Note that the reverse is not true. If version_byte=3, keys created with version_byte=2 are -not- changed when extracted. The reason for this is that if version_byte is changed on a key, then any attached signatures seem to be invalidated. Probably the version_byte of the key is included in the MD5 digest used to generate the signature. Expanded Error Checking Most disk writes are now checked for errors or running out of disk space. Key Generation and other Keyring maintenance operations check for write access to public and (where required) secret keyrings before lengthy processing starts. Previous versions were not checking if the keyrings were set to read-only, which led to invalid results. Read a list of recipient UserID's from a file A UserID-File is specified in the command line by an entry which starts with ":@" followed by a filename in any position in which a recipient UserID would be accepted. If the file exists and is readable, the routine will load the contents and insert it into the command line as if the names had been specified there. Each entry in the file consists of one line. The file line will be treated as one argument, no matter whether it contains spaces or not. Lines beginning with "#" will be ignored and treated as comments. Empty lines will be ignored also. Trailing white spaces will be removed. Currently, ParseRecipients() uses one fixed buffer, meaning, No line in the file may be longer than 255 characters. The number of included lines is limited only by available memory. When any kind of problem occurs, PGP will terminate and do nothing. No need to test for an error, the result is always correct. This feature is compatible with 2.6.3i. In 2.63ui, you may also specify a userid file from the prompt which is issued if either no UserID's are placed on the command line or the last UserID entry is a "+". Note that a maximum of 99 Userid's may be specified by a combination of command line and prompt, including UserID file pointers. But the UserID files themselves may have a nominally unlimited number of line entries, as long as memory holds out. Improved Checking for Text files. Previous versions of PGP often mistook text files in various national languages for binary files, preventing generation of signed cleartext or proper conversion of line-end characters, etc. The improved version does not test for for 8-bit characters at all, rather for the presence of unallowed control characters. This version does not depend at all on the setting of the language= CONFIG.TXT parameter. The purpose of this parameter is to translate internal messages for the local operator. The language of the message may be altogether different if the recipient is in another country. This routine is compatible with 2.6.3i, by agreement with Stale Schumacher. PGP 2.63ui allows you to change UserID's of keys not your own (corresponding secret key not present). You can sign the new ID with your own secret key but (obviously) not with the other person's secret key. -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Requires PGP version 2.6 or later. iQCVAwUBMl7INwc2DukbwCfhAQEZ1QP+N/CWSPJxNUWbxpzjaabAtBf7LpUGGb2U LeUfMjD64dc8yA+SsMj7wsI9DRCEUUhdfhiN7ZdY0meAOqHWgNpbsVhB7vCPdqPd YMeFrsZb4IFk2GXF6rxHXT5LBm3+RAyZytuPgH+dZY/y4S9lmS1OTpE6/0bXUHpM 2nRQN0o44cE= =abiw -----END PGP SIGNATURE-----