Copyright (c) 1990-99 by Networks Associates Technology, Inc., and its Affiliated Companies. All Rights Reserved.
Thank you for using Network Associates' products. This What's New file contains important information regarding PGPfreeware. Network Associates strongly recommends that you read this entire document.
Network Associates welcomes your comments and suggestions. Please use the information provided in this file to contact us.
Warning: Export of this software may be restricted by the U.S. Government.
What's In This File
• About this Freeware Product
• Did You Know?
• New Features
• Documentation
• System Requirements
• Known Issues
• Year 2000 Compliance
• Contacting Network Associates
About this Freeware Product
Network Associates is proud to provide freeware versions of PGP products for non-commercial use. PGP Freeware brings easy-to-use, strong encryption to the masses. You can use PGP to protect your e-mail, files and now even your network connections. Let PGP bring a new level of privacy and security to your everyday computer use and communications with others.
NOTE: Please refer to the included license for the specific terms and conditions of using this product.
Did You Know? PGP Personal Privacy Available
Did you know that PGP Personal Privacy, the retail version of this product, provides many features and benefits not included with this freeware product? The following are just some of the added features and benefits of using PGP Personal Privacy:
• PGPdisk
PGPdisk provides transparent, easy-to-use encryption of files stored on your computer. When mounted, PGPdisks appear as another harddrive on your system. Your files are automatically encrypted when stored and decrypted when accessed on your PGPdisk. PGPdisk gives you the ability to easily protect your files from prying eyes.
• X.509 certificate support
PGP Personal Privacy supports requesting and using X.509 certificates from leading PKI providers like VeriSign and Entrust. You can use your X.509 certificate as another means to authenticate yourself to other VPN products.
• VPN gateway support
Using PGP Personal Privacy you can connect to networks behind IPSec-based VPN gateways, such as firewalls or routers. This feature enables PGP to be used for secure remote access to corporate networks from your home computer.
• Technical support
Network Associates does not provide technical support for freeware products. By purchasing PGP Personal Privacy, you can contact Network Associates technical support to answer any questions you may have about using PGP.
• Licensed for commercial use
PGP Freeware is not licensed for commercial use. PGP Personal Privacy and PGP Desktop Security (the corporate version of this product) are licensed for commercial use.
Thank you for your choosing PGP Freeware as your solution for privacy and security. We encourage you to show your support for this great product by buying a copy of PGP Personal Privacy today! Your purchase will help us continue to extend and enhance this leading personal security solution.
New Features in PGP
1. PGPnet. PGPnet is a landmark product in the history of PGP. PGPnet secures all TCP/IP communications between itself and any other machine running PGPnet. It is also fully interoperable with the Gauntlet GVPN firewall/gateway providing a complete solution for corporate remote access VPNs using the industry standard IPSec (Internet Protocol Security) and IKE (Internet Key Exchange) protocols. PGPnet has been successfully tested with Cisco routers (requires Cisco IOS 12.0(4) or later with IPSec TripleDES Feature Pack), Linux FreeS/WAN, and many others. PGPnet is also the first IPSec product to fully support the use of OpenPGP keys for authentication in addition to X.509.
2. Self-Decrypting Archives. You may now encrypt files or folders into Self-Decrypting Archives (SDA) which can be used by users who do not even have PGP. The archives are completely independent of any application, compressed and protected by PGP's strong cryptography. Using this feature without a passphrase will also allow you to create compact Self-Extracting Archives (SEA) which are not encrypted. The resulting archives run on both PowerPC and 68K Macs, and are encrypted using CAST.
3. X.509 Certificate and CA Support. PGP is now able to interoperate with the X.509 certificate format. This is the format used by most web browsers for securing the transfer of web pages. PGP supports the request of certificates from Network Associates' NetTools PKI, VeriSign's OnSite, and Entrust certificate authorities. X.509 certificates are analogous to a PGP signature, so you can even request X.509 certificates on your existing PGP key. Using PGPnet, this feature can be used to interoperate with existing VPN solutions based on X.509.
4. Automated Freespace Wiping. PGP's Freespace Wipe feature now allows you to use AppleScript to automate wiping of the freespace on your disks. The AppleScript dictionary for this is located in PGPtools.
5. PGPmenu Improvements. PGPmenu has been entirely rewritten, and sports many new features. Configurable Command Key support allows you to invoke the Encrypt/Sign/Encrypt&Sign/Decrypt&Verify commands in third-party applications without even touching the mouse. The Empty Trash command in the Finder can now be turned into a Wipe Trash command to make sure that everything you throw away gets securely wiped. The cursor now provides animated progress during PGPmenu operations, and more.
6. Outlook Express support and Enhanced Email Integration. As part of the new PGPmenu, Outlook Express and Claris Emailer are now recognized as special applications in which PGPmenu will automatically grab the recipient email addresses whenever you invoke PGPmenu on a new email message window thus cutting out the step of specifying the recipient keys! The old Claris Emailer plugin has been removed now that PGPmenu has direct support for it.
7. Fingerprint Word List. When verifying a PGP public key fingerprint, you can now choose to view the fingerprint as a word list instead of hexadecimal characters. The word list in the fingerprint text box is made up of special authentication words that PGP uses and are carefully selected to be phonetically distinct and easy to understand without phonetic ambiguity.
8. HTTP Proxy Support. If your Macintosh is behind a corporate firewall with an HTTP proxy server, PGP now supports accessing HTTP keyservers through the proxy. To use this feature, you must configure the proxy server address in the Internet control panel. This feature requires the installation of Internet Config for users not running MacOS 8.5 or greater.
9. Smart Word Wrapping. The word wrapping in PGP now automatically rewraps paragraphs and even quoted paragraphs resulting in much cleaner signed messages.
PGP Version 6.5.2 Enhancements
1. MacOS 9 Compatibility. PGP 6.5.2 provides compatibility with MacOS 9's Multiple Users feature.
2. Windows 2000 IPSec Interoperability. PGPnet can now establish VPN connections with properly configured Windows 2000 systems running the Microsoft High Encryption Pack.
3. HFS+ FreeSpace Wiping on Startup Volume. PGPtools now supports freespace wiping of HFS+ startup volumes.
4. Outlook Express 5.0 Support. In addition to our previous support for OE 4.5, PGP 6.5.2 now includes integrated support for the new Outlook Express 5.0!
Documentation
Also included with this release are the following manuals, which can be viewed on-line as well as printed:
• Introduction to Cryptography
• PGP Installation Guide
• PGP User's Guide
Each document is saved in Adobe Acrobat Portable Document Format (.PDF). You can view and print these documents with Adobe's Acrobat Reader. PDF files can include hypertext links and other navigation features to assist you in finding answers to questions about your Network Associates product.
To download Adobe Acrobat Reader from the World Wide Web, visit Adobe's Web site at:
http://www.adobe.com/prodindex/acrobat/readstep.html
This release also includes online help in Apple Guide format.
Documentation feedback is welcome. Send email to tns_documentation@nai.com.
System Requirements
To install PGP on a Macintosh system, you must have:
• Power Macintosh (PowerPC processor required)
• MacOS 7.6.1 or later
• Open Transport 1.3 or later
• 16 MB RAM
• 10 MB hard disk space
If you plan to run PGPnet on the system, you must also have:
• Compatible LAN/WAN hardware and software (see Known Issues:PGPnet)
Known Issues
PGP
1. Mismatching your keyring files can result in data loss. Your public keyring file and private keyring file must be kept in sync. If, for instance, you select a public keyring file that does not contain the public portion of your private key and do not also change the private keyring to the corresponding file, you and others will not be able to encrypt to exported versions of your key after that time. In most cases, simply updating your key from a public copy on a keyserver or importing a copy of your key will fix this. However, it is recommended that the keyring files always be kept in sync.
2. Using a Split Key as a public key for PGPdisk will not allow reconstitution of the key through the usual dialog provided for reconstituting split keys. To use such a key to open a PGPdisk, you must first rejoin the key in PGPkeys.
3. Some PGP Versions 6.0 and later features are incompatible with previous versions of PGP, so we feature a "compatible" export format that strips incompatible features such as Photo IDs and X.509 certificates from keys. Selecting "Include 6.X Extensions" in the Export dialog enables these features to be exported. By default, we export in compatible mode. You may change the default in the Advanced preferences dialog. When sending a key to a PGP Certificate Server Version 2.0 or above, Photo IDs always accompany the key. The default LDAP server in PGP 6.x supports this.
4. As of PGP 6.5, we will no longer be releasing versions of PGP for 68K Macintoshes. The last version of PGP that will run on those machines is PGP 6.0.2.
PGPnet
1. PGPnet requires Open Transport 1.3. If you do not have this installed, it can be downloaded from Apple.
2. Uninstalling PGPnet requires that you use the PGPnet application to "Make Insecure" the TCP/IP configurations that you previously made secure. Removal of the file "PGPnetModule" will render any secured TCP/IP configuration useless until you "Make Insecure" that configuration. You can also resolve this after the fact by deleting the TCP/IP configuration and recreating it.
3. PGPnet has been tested successfully with many different Ethernet implementations, Apple's Remote Access/PPP, and America Online's Internet access. PGPnet may not function properly on non-Apple-supported configurations such as Token Ring, or other PPP implementations.
4. AppleShare IP servers used over a local AppleTalk network will downgrade to AppleTalk if TCP/IP negotiation fails. PGPnet does not secure AppleTalk communications, and thus this can result in unexpected insecure communications. If you use PGPnet-enabled AppleShare IP servers on a local network, you may want to manually use the Connect button on the first connection to make sure that the negotiation is successful and everything is configured correctly. On future connects, you may simply use the Chooser to connect to the server to take advantage of PGPnet's automatic negotiation. This is not an issue if the AppleShare IP server is not on your local AppleTalk network.
5. Note that this freeware version of the product disables the use of X.509 authentication with PGPnet, and also does not allow the use of Secure Gateways for tunneling. Only the Personal Privacy and Desktop Security versions support those features.
Year 2000 Compliance
Information regarding NAI products that are Year 2000 compliant and its Year 2000 standards and testing models may be obtained from NAI's website at http://www.nai.com/y2k.
For further information, email y2k@nai.com.
Contacting Network Associates
For Questions, Orders, Problems, or Comments
Please note that Network Associates does not provide technical support for its freeware products.
For On-Site Training Information
Contact Network Associates Customer Service at (800) 338-8754.