To view the contents of your public keyring, use this:  PGP -kv  And wham!  A list appears, one line for each key on your ring.  You'll  notice your key down at the bottom, along with a list of the authors.  Each  line starting with "pub" represents one distinct key; note that keys can  have more than one name or email address attached to them.  The anonymous key for the two of us can be found at the bottom of this  document.  You'll need it on your public keyring in order to verify this  document in a later section.  Save the chunk of text to a file, then tell  PGP to add it with a similar command to what we used to add the authors'  keys:  PGP -ka <file>  Of course, you're not always going to be adding keys; you'll need to extract  yours, as well as other people's when you sign them.  To extract any public  key from your keyring in the above format, use the command:  PGP -kxa <id> <file>  Where <id> is some unique part of their name or email address.  For example,  to create a copy of your public key to pass around to your friends, type:  PGP -kxa <id> MYKEY.ASC  Where <id> is some part of the name or email address you used when creating  the key.  The file MYKEY.ASC - which will look very similar to our key above  - can be easily put in email messages, text editors, posted on bulletin  boards, everything.  Distribute it far and wide; this will help prevent  other people from trying to distribute fake public keys in your name.<3.3>  Keyservers  Keyservers are a muy bueno invention to spread public keys faster than the  SR-71 used to fly.  Basically, keyservers are a group of computers that  maintain a massive (800+K, last I checked) public keyring with thousands of  keys on it.  You can query this server to get a specific person's public  key, either to send something to them, or to verify one they've already sent  to you.  Here's some info, which shows regularly in alt.security.pgp.  Check  there for the latest info:================================================================================Each keyserver processes requests in the form of mail messages.  Thecommands for the server are entered on the Subject: line.        To: pgp-public-keys@pgp.iastate.edu        From: johndoe@some.site.edu        Subject: helpSending your key to ONE server is enough.  After it processes yourkey, it will forward your add request to other servers automagically.For example, to add your key to the keyserver, or to update your key if it isalready there, send a message similar to the following to any server:        To: pgp-public-keys@pgp.iastate.edu        From: johndoe@some.site.edu        Subject: add        -----BEGIN PGP PUBLIC KEY BLOCK-----        Version: 2.2        <blah blah blah>        -----END PGP PUBLIC KEY BLOCK-----COMPROMISED KEYS:  Create a Key Revocation Certificate (read the PGPdocs on how to do that) and mail your key to the server once again,with the ADD command.Valid commands are:Command                Message body contains- - ---------------------- -------------------------------------------------ADD                    Your PGP public key (key to add is body of msg)INDEX                  List all PGP keys the server knows about (-kv)VERBOSE INDEX          List all PGP keys, verbose format (-kvv)GET                    Get the whole public key ring (split)GET userid             Get just that one keyMGET regexp            Get all keys which match /regexp/LAST days              Get the keys updated in the last `days' days- - ------------------------------------------------------------------------Internet connected sites:        pgp-public-keys@pgp.mit.edu                Derek Atkins                warlord@MIT.EDU                FTP: pgp.mit.edu:/pub/keys/public-keys.pgp        pgp-public-keys@phil.utmb.edu                John Perry                perry@phil.utmb.edu                FTP: phil.utmb.edu:/pub/pgp/public-keys.pgp        pgp-public-keys@demon.co.uk                Mark Turner                mark@demon.co.uk                FTP: ftp.demon.co.uk:/pub/pgp/pubring.pgp================================================================================<3.4>  Signing  By signing a key, you're stating to the world that you know that the key in  fact does belong to the name shown.  The benefit of this is that, if you  know the "introducer" - the person who's signed a public key you're going to  use - can be trusted with handling keys, then you don't necessarily have to  verify the key itself.  While this can easily descend into a complex tangle  of what exactly qualifies as "signing," for the purposes of this  introduction, you sign a key like this:  PGP -ks <id>  You'll be prompted for your pass phrase - we honestly hope you've remembered  that thing damn well by now - and PGP will "sign" the key for you.  Then,  extract that person's public key - which will now include your signature -  and send it to them.  They can add it to their public keyring, and they'll  suddenly gain the benefit of your signature.  This means that if they're  communicating with somebody who doesn't know them, but knows you, the third  person can use your signature to verify the key's validity.  If somebody else signs your key and sends it back to you, use the PGP -ka  command (mentioned above) to add the amended key back onto your public  keyring.  PGP will recognize that just a signature has been added, and will  append that to your keyring, meaning that the next time you extract your  public key, that signature will go along with it.  To see signatures on your keyring, use a modified version of the view  command we used before:  PGP -kvv<3.5>  Encrypting  Heh.  And you thought all we were ever going to talk about was keys and  crap, right?  You'll be happy to know that PGP is pretty good at its primary  mission in life - encryption.  The most simple form is this:  PGP -e <file> <user>  Where <file> is the file to encrypt, and <user> is the target user who's  going to decode it.  This'll create another file called <file>.pgp, which is  the encrypted text.  Send it off, and the other user will be able to decode  it.  When you receive an encrypted file back, simply type:  PGP <file>  And PGP will figure out that it needs to decrypt the file, and do so.  Now, you think you're set, because you've encrypted a file, right?  Well,  there's only one flaw in this grand strategy: while only one person in the  world can decrypt that file, that person won't have any assurance of where  the file came from.  That's where digital signatures come into the picture.  A digital signature irrevocably identifies whatever you're sending as having  come from you.  A very nice thing to have.  Best of all, it's easy as sin to  do.  Just add one character to the command line you used above:  PGP -es <file> <user>  You'll be prompted for your pass phrase (getting good at typing that in  yet?), and then PGP will first sign the document with your secret key -  allowing it to be verified with your public key on the other end - and then  encrypting it with the other person's public key, so only their secret key  can decrypt it.  You can also just sign a document; this allows the document's source to be  verified, without any sort of encryption.  A good example is what you're  reading right now.  Save it to a file, and type:  PGP <file>  Where, of course, <file> is the name of the file you saved this document to.  It'll work for a few seconds, then say (hopefully) it's got a good signature  from us.  It'll then produce a non-signed version, which contains the  original message text; if the signature was good, that text is the same as  what we originally put out, and you know it came from us.<3.6>  Other useful commands  There are two other commands you should probably know.  First, there's the Radix-64 switch, which tells PGP to produce files which  can be emailed, UUEncoded-style, through mail networks.  To do this, you  just add an "a" to whatever you're sending, a la:  BEFORE:  PGP -es  example.txt Mary  AFTER:   PGP -esa example.txt Mary  The output will be sent to example.asc; furthermore, it'll be convienently  split into chunks the mailers can handle, it the file is long enough.  We  used this switch already, above, for extracting keys, since the ASCII  format, for something the size of keys, is far more versatile than a binary  representation.  Second, there's clearsigning; this means you add your signature, but leave  the document readable, which was what we did for this document.  To do this:  PGP -sta <file> +clearsig  Which will produce a file called <file>.asc, containing the document, with a  signature at the end.Section 4 - Miscellaneous<4.1>  Legal Issues  Oh yeah - PGP is illegal, at least if you live in the US and Canada.  Why?  PGP makes use of the RSA public-key algorithm, developed at MIT with tax  dollars.  The US Government then allowed a company out in California to  patent this algorithm; thus, if you're using this product in the US or  Canada, you're likely violating that patent.  See the next section on how to  get around this.  Also, if you know anything about the situation, please  send us email on how we can get the goverment to use tax dollars to develop  technology, then hand exclusive implementation rights to us.  This would be  a most excellent thing to have happen.  If you're out of the US or Canada, using PGP is not a problem, since the  patent laws don't apply; just *don't ask a friend in the US or Canada to  send you a copy*.  Thanks to the US Government's enlightened export  restrictions, PGP is considered to be munitions, meaning that you could get  sacked with serious shit if you either import or export it to/from the US  and/or Canada, including posting over the InterNet, or any other  international information service.  That's why Phil Zimmerman's being  investigated by the San Jose customs office right now.  Yep, our tax dollars  hard at work.<4.2>  ViaCrypt  However, all is not lost for US users.  A company called ViaCrypt in Arizona  is selling a properly licensed version of PGP which, for all practical  purposes, is completely compatible with v2.3a.  Here's a small blurb:================================================================================ViaCrypt, Inc., will begin shipping ViaCrypt PGP today, 1 November 1993.ViaCrypt PGP is a commercial public-key encryption package which isbased on, and virtually identical with, the freeware program known asPGP, or `Pretty Good Privacy.' (The source code is in fact identical tothat of the freeware version 2.3a of PGP, with the exception of the RSAencryption module, which is one ViaCrypt developed in-house afteracquiring a license for the algorithm from PKPartners.  In addition,ViaCrypt incorporates a few bug fixes.  The private-key crypto algorithmis IDEA, as in freeware PGP, for which ViaCrypt has obtained a licensefrom Ascom-Tech AG of Zurich.)================================================================================  Contact info:  ViaCrypt  2104 W. Peoria Ave.  Phoenix, AZ 85029 USA  602-944-0773 (Voice)  602-943-2601 (FAX)  70304.41@compuserve.com (Netmail)<4.3>  Version History  93/11/28  v1.0  Initial Version<4.4>  Everything Else  Please let us know if you find any problems with this document or have any  questions about it; we can be reached at an50928@anon.penet.fi as long as  that anonymous server remains up.  Let's hope it does, because otherwise  you'll have one damn hell of a time finding us.  If this document helps you,  by all means pass it on to every person you know, and maybe a few you don't.  Post it on lots of BBSs, all over the place, ad naseum. Tell everybody you  know to start using PGP, because the more people use PGP, the less we all  have to worry about a President Orwell.================================================================================  Contents Copyright (C) 1993 by Out and About.  Assuming you could figure out  who and where we are, that might mean something, but hey ...- -----BEGIN PGP SIGNATURE-----Version: 2.3aiQCVAgUBLPgwgXv2tR+FRQuZAQFBvgP/c5VY0QBkZhOZhFGH1lfpCpfc/tT6FrNwdae81c049wNj4jORq1eodm2pn8ObgrmK6qb5CQS2CST27fBD1wtnGvyyisvfYtqayaYs2qBBEwkURZI7M6kjCdL1snaQ14ScfYLQiBH0jqle+uORsHeke429NG0fr6oazVlyOqFvMQs==Hl80- -----END PGP SIGNATURE-----Here's our key:- -----BEGIN PGP PUBLIC KEY BLOCK-----Version: 2.3amQCNAiztdHkAAAEEAL3VO4LItnVBwLGZi6Hux2MoWkpqDE4gZtSGu2NAgE6zaT+6B8NibIwCPxL+8qfeS36BqvZ3GbSOI0SJldUc9sXZeNHsB7RnLgUTmA9mLoaDeL7kIHXKpk2uc1CuzLawaY9WDflnntumfhD7p7JReoI7/PZPSzR813v2tR+FRQuZAAURtCVPdXQgYW5kIEFib3V0IDxhbjUwOTI4QGFub24ucGVuZXQuZmk+iQCVAgUQLO12SXv2tR+FRQuZAQELzgP9FADqM3zy7P8BxPFK7oIxlf8+e1TtYmM1aA+1zHeu0kp9Sxk5IgydAZmBCVihu78V+oaG+7+gTwqCc3MHJoEpmsrK+E6hsZYW1EWW4tUDisReuSICYLOdqaWOGzIdBXJX3NZEYyA4bv7dHd+VEESNQrDbQDqHD7+tLVwQtqZEQ5o==QQEg- -----END PGP PUBLIC KEY BLOCK-----</pre><hr>