WinPT Intro

WinPT - The Windows Privacy Tray; a free GPG front-end

Requirements for WinPT

First you need to have a working GnuPG 1.4 installtion on the machine you plan to install WinPT.

If you do not have GPG in your machine, please visit http://www.gnupg.org and download the

latest GPG version there. It comes with a graphical installer so there is no need to do this step

manually.

You need at least Windows 98/2K/XP, but Windows XP or better is recommend. The program also

works on NT/95/ME but there is no support for these OS versions any longer. Mainly because the

OS vendor also dropped support and no bug fixes will be provided any longer.

And it is very likely that it does not work optimal on such platforms.

A short Introduction

WinPT is a graphical GnuPG front-end which resides in the task bar. It is divided into several,

so-called, managers. There is a manager for the key(ring), for files and for smart cards.

The aim of the program is to secure email communication and to perform file encryption and

to allow an easy and user friendly way for key management.

What is GnuPG

GnuPG is a tool for secure communication and data storage. It can be used to encrypt data and

to create digital signatures. It includes an advanced key management facility and is compliant

with the proposed Internet standard as described in RFC2440.

The Web of Trust

For a detailled description of these and other GnuPG topics, I recommend the available literature

at http://www.gnupg.org. But at least a general overview should be given here.

The certification scheme of OpenPGP does not base on a hirachical approach. Instead it uses

a combination of ownertrust and direct key certification.

Here is an example with the imaginary persons called Alice, Bob, Carol and Dave.

Alice knows Bob and checked the fingerprint of Bob's key when he met him personally.

Thus she knows that the key really belongs to its owner and he trusts Bob to certify other keys.

Then she issued a signature on Bob's key. Bob knows Carol and also checked her identity.

Then he signed her key. Alice does not know Carol, but he knows Bob and Bob trusts Carol.

And because Alice trusts Bob, at a level she decided before, he also trusts Carol.

It's a transitiv relation. Dave is isolated and does not know anybody for the mentioned reasons,

thus he is not in the WoT. Another very important point is, that the signer can decide, after the

certification, how much he trusts the key owner to certify other keys.

It is very important to check the identify of a key owner. Mostly this is done by comparing the

fingerprint, which were submitted by phone or written down at a personal meeting, with the

fingerprint of the key in the keyring. Please bear in mind that anybody can create a key with an

email address and a specific name.

Thus it is not recommend to sign keys without doing this check before!

The fingerprint of the key is hexadecial (160-bit) sequence divided into 10 groups of 4 hex

digits. You can get the fingerprint of a key by opening the key property dialog. There you can

mark the fingerprint and copy it to the clipboard. The fingerprint of a key can be compared

to human fingerprints, it is unique for each key.

Example: 1D75 8108 5BC9 D9FB E78B 2078 ED46 81C9 BF3D F9B4

It is a good idea to publish your fingerprint wherever possible.

For example via a business card or your website.

Installation of the Program

It is always recommend to use the latest version of the program. You can download it from

http://wald.intevation.org/projects/winpt. Download the zip file with the binaries inside and

unpack them in a folder. All files need to be in the same folder, so if you change the folder do

not forget to move all files.

You should also download and verify the signature of the packet to make sure that the release is

really authentic and were not altered in any way.

To activate the program you just need to start WinPT.exe. You should now see a

little (golden key) icon in the taskbar which indicates that the program is running.

If you want to quit the program, right click on the symbol and select "Exit".

Alternative, you may use one of the graphical GPG installers which are available on the internet.

I recommend to use Gpg4Win which includes a set of very useful privacy tools, beside WinPT and

it is very easy to use with an average size (~4MB). For non-German speaking users, I recommend

the light version because it does not contain the 2 German PDF manuals.

Getting the Source of the Program

As free software, according to the GNU General Public License, WinPT also offers the source code

for the program. It can be used for reviews, to compile your own binary and/or to modify and/or

redistribute it or just to learn how it works. The source is available at the same place you

downloaded the binary. If not, you should contact the author of the site.

The entire program can be build with free software; the default environment is a cross-compiler

hosted on a Linux box. All you need is the mingw32 packages, a working autoconf environment

and the libs WinPT depends on (currently gpgme and libgpg-error).

It is also possible to build the binary with cygwin/mingw32 on Windows but this environment is

not actively supported and propably needs adjustment of the source.

Configure the Program

After the installation not much of the default settings need to be changed. If you prefer a

special keyserver, it is propably a good idea to open the keyserver dialog and to set one of the

existing keyservers as the default or create a new entry and mark it as the new default.

The default keyserver is subkeys.pgp.net, which is the best choice for most users.

The GPG Preference Dialog

In this dialog you can change your GPG config and customize its behaviour. Please be advised that

in most cases there is no need to overwrite the default GPG path settings.

There are three different paths available. First, the GPG home directory. The place where the

keyrings are stored and also the config files. The second path points directly to the gpg.exe.

The third is the path to the language files,

where you usually store your winpt.mo/gpg.mo files. These entries should be only changed when

really need and extra caution is needed because with wrong settings, WinPT will not be able to

work any longer!

The second part of the dialog is the "General GPG options" section. Here you can influence the

behaviour of some commands. If you do not know what they mean, it is safe not to change the

values and stick with the default ones.

For expert users, it is possible to set the signature class of issued key signatures and to set

an expiration date for key signatures or to specify an comment in armor files.

The "Encrypt to this key" might be useful for anybody who needs to decrypt mails or any data he

sent to a recipient. The field value should contain the key ID of the default key pair.

Preferences

In the WinPT preference dialog, the user can modify and/or disable the default options. For new

users it is suggested to leave the default values as they are, except when there are problems

related to the hotkeys.

To enable keyring backups, the user can either decide to use the GPG home directory as the backup

folder or any other folder. In the latter case, a folder needs to be chosen.

The First Start

This section is only important for people who never installed and/or used WinPT before and thus

no keyrings are available.

When the program is started the first time, it offers two choices. The one is to generate a key

pair and the other is to copy existing GPG keyrings into the current installation.

We assume the user will select the first entry.

Now a new dialog is shown which requests some information from the user to allow a meaningful

association between the key and the user. If the user prefer RSA keys, the check box should be

marked.

But this is a decision of personal taste and does not influence the security or anything else.

If the entered data is OK, WinPT then generates a new key pair. As long as this step takes, a

progress dialog is shown to indicate the enduring process. When the generation of the keypair is

done, WinPT offers the chance to backup the existing keyrings.

This is definitely an important decision because if the keyring will get corrupted or lost, there

is no way to recover the encrypted data. That is why it is also important to store the backup, at

least of the secret keyring, at a safe place.

The Passphrase for the Secret Key

First a short explaination what passphrase is. A passphrase is like a password but usually

longer, maybe a sentence, which can consists of any 7-bit ASCII characters. It is used to protect

your secret key and thus it is very import to chose a secure passphrase. If your computer, and

thus the secret key, were stolen and an attacker can guess your passphrase he is able to decrypt

all your data and to create signatures in your name! A good passphrase is difficult to guess but

easy to remember and should be at least 10 characters long.

An easy way to generate a strong passphrase is to use a sentence only you know but you can easily

remind and then take the first letter of each word, plus some special characters and maybe even

some intentionally made spelling mistakes.

Example: Row - row - row your boat, gently down the stream

Passphrase: "R - r - ryb,gdts"

Never write down or passphrase or share it among other people!

Keyserver Access

An easy way to retrieve keys is the keyserver. You can think of it like a huge database with a

lot of keys as its content. It is possible to search keys by a pattern, a keyid or even a

fingerprint.

WinPT allows to access different kind of keyservers. For example LDAP, HKP, Finger and HTTP.

But the focus will be set on HKP because this is the common case.

In some situations WinPT asks the user whether to retrieve keys automatically. One example is the

signature verification when the key that issued the signature was not found in the keyring.

The main keyserver dialog allows to fetch one or more keys directly or to search for a given pattern.

Retrieve a key by Key ID

The best way to fetch a key from the server is by the key ID.

Just enter the key ID, it is a good idea to prefix it with 0x, and click the "Receive" button.

An example:

pattern: 0xBF3DF9B4

[Receive]

Retrieve a key by its email address

If you only know the email address from your partner, you can enter it instead of the key ID.

It is unlikely but possible that there are more keys with the same address. In this situation,

WinPT will warn you that multiple keys were imported. The difference to the search function is,

that the keys were dirctly fetched and not displayed as a key result list.

An example:

pattern: name_of_friend@gmx.net

[Receive]

Search for a key by pattern

If you want to communicate with a new mail partner and you are not sure about the key ID, it can

be useful to search for his email address. This address is considered as quite unique.

An example:

pattern: winpt@windows-privacy-tray.com

[Search]

Now a dialog is opened with a list of all keys which matched the search string. If the name

and the email address is known, the matching key should be selected and "Receive"

should be clicked. Then the key will be downloaded and added to your keyring. Now you can

encrypt data with this key, for example an email.

Sending a Key to the Keyserver

After you generated a new key pair, it is a good idea to send your key to the keyserver to make

it available for other users. If you issue a signature, the key ID is part of the signature and

people can automatically retrieve your key when they try to verify the signature.

Actually, the action is performed in the Key Manager and not in the keyserver dialog. Just open

the Key Manager, select the key you want to send right-click on it and chose "Send to Keyserver"

in the popup menu. Then a message box with the result is shown.

Add, Delete or Edit a Keyserver Entry

The keyserver dialog allow to change the existing keyserver entries, to delete them or to add new

entries. Just right click on a selected item and a popup menu will be

shown with ("Edit", "Remove" and "New").

Using the Clipboard

A major aim from the first day was, that the program does not depend on a special mailer client.

For this reason it uses the clipboard to encrypt and/or sign data.

For the examples, let's assume that you want to write a new mail or that you received a mail

protected by GnuPG.

The Clipboard Editor

This dialog allows it to modify the clipboard contents directly and/or to display the contents of

the clipboard. It is also possible to load a text file into the clipboard or store the contents

into a file. For the convenience, the dialog also allows to encrypt and/or decrypt clipboard data.

Encrypt Data in the Clipboard

Just copy the text from the mailer window into the clipboard. This is usually done by CTRL+C,

make sure you really selected all portions of the text. Then right-click on the tray icon and

select Clipboard->Encryption. Now a dialog is shown to select the recipients. This means you need

to select all keys which should be able to decrypt the mail. Confirm with "OK". GnuPG now

encrypts the data with the selected recipients. At the end a message box with the result is

shown. Now the clipboard should contain the encrypted data. Just paste it into the mailer window.

The output should contain a header and a footer "BEGIN PGP MESSAGE" and "END PGP

MESSAGE.

Decrypt/Verify Data from the Clipboard

The most common case is propably that you got a signed email and now you want to verify it. For

this procedure, you have to copy the entire signature in the clipboard. The easiest way is to

use CTRL+A and CTRL+C, then all available text will be copied. WinPT (GnuPG) is smart enough

to figure out the signature related data. Now go to the taskbar, display the popup menu and select

Clipboard->Decrypt/Verify. Now a new dialog, the verify dialog, should be available on screen

with all information about the signature. For example who is the signer, when was it signed how

much do you try this key and what was signed and most important, the status of it (is the

signature good or BAD).

A special case is when you don't have the public key to verify the signature, if this happens

WinPT offers to download the key from the default keyserver. If the key was not found, the

procedure is aborted because without the key the sig cannot bed checked.

Sign the Clipboard

We assume that text that shall be signed is already in the clipboard. If not, select the text you

want to sign and copy with via CTRL+C in the clipboard. Now go to the taskbar and open the

peopup menu, Clipboard->Sign. If you just have one secret key, the passphrase dialog will be

automatically shown.

All you need is to enter your passphrase and confirm. In case of more available secret keys, a

list with all keys is shown and you can select which key shall be used for signing.

The output is always a cleartext signature which is in text format. Do not try to sign binary

clipboard data, the result would be unpredictable and not readable by human beings.

The Current Window Support

Compared to the clipboard mode, the CWS mode has some advantages. Let us assume that you

want to extract text from an editor window. With the CWS mode, the program automatically tries to

focus the window to select the text and to copy it to the clipboard and execute the selected

command (Sign, Encrypt, Decrypt).

No manual user interaction is needed. Except this different behaviour, it is very likewise to the

clipboard mode and thus we do not describe each command again.

The Key Manager

This part of the program is propably most important for many users. It contains function to

manage your keyring and to perform actions which are required and/or useful in the OpenPGP

environment.

Tips

- If you want to import quickly a key from a into the keyring, just drag and drop the file into the

Key Manager window. Then the import procedure will be automatically started.

- Key which were fetched from keyservers often contain a lot of, maybe obsolete, self signatures,

if you want to get rid of them you can use the Key Edit->Clean feature. Just start the edit

dialog and select the clean command. That's it.

- The keyserver dialog does not allow to import a key directly via an URL, as an alternative you

may use the "Import HTTP..." feature in the Key Manager. With it you can directly fetch keys

from the web (Example: http://www.users.my-isp.de/~joe/gpg-keys.asc).

- To customize the parameters of the generated key, you can use the expert key generation.

It allows you to set the public key algorithm and/or the size of the key directly.

- Most of the list view based dialogs allow to use the right mouse button, to show popup menus

with available commands.

Create a Revocation Certificate

It is very important to do this step early as possible. With this certificate, you can revoke

your entire key. The reason for this can be for example, that your key is no longer used or even

compromised.

After you generated the revocation cert, you should move it to a secure place because anybody who

gets access to it, can render your key unuseable.

Just right-click on your key and select "Revoke Cert". If you do this step directly after key

generation, there is no need to change the default values. Just select a file name and enter the

passphrase. The program issues a warning which should be read carefully.

Adding a new Secondary Key

For most users the existing keys in the key pair are enough and no extra key is needed. But there

are some exceptions.

- The primary key has no secondary key and the primary key is not able to encrypt data. In this

case it can be a good idea to add a secondary encryption key.

- A lot of people use secondary encryption keys with an expiration date. Usually the key is valid

for 1-2 years. After the key is expired, a new key is needed in order to encrypt data.

What kind of public key algorithm should be selected is a matter of taste. RSA and ElGamal are

both capable for encryption. For most users it's a good idea to let the program chose the key

size (in bits). The default settings should be secure enough for most purposes.

Adding a new User ID

If you got a new email account, it's propably a good idea to add these new account to your key

also. For example:

A new account was registed at gmail.com (john.doo@gmail.com).

Then you should create a new user ID with the following fields:

name: John Doo

email: john.doo@gmail.com

comment: (optional)

Now email programs are able to associate this address with your key when somebody wants to send

you a protected mail to this account.

Adding a new Photographic ID

With this function you can add a photo to your public. It will be displayed in the key property

dialog.

You just need to select a JPEG file which contains the photo and enter your passphrase and

confirm with OK. Please read the note in the dialog carefully to make sure the photo has a proper

size (file, height and weight).

Adding a new Designated Revoker

If you want to allow another key to revoke your own key, this might be useful if you lost your

secret or a simliar situation, you can use this function to add a designated revoker to your key.

All you need to do is to select the key you want to add as a desig revoker. But please bear in

mind that this procedure cannot be undone and that this person really has the power to make your

public key unuseable. You really should trust the selected key, in case it is not a key owned by

yourself.

Export a Public Key

There are several reason why to export a public key and there are also several ways to do it. If

you want to send the key directly to a mail recipient, you can select the key, right-click,

and select "Send Key to Mail Recipient". As an alternative, you can also export it to the

clipboard or to a file. To export a key to the clipboard, you can select "Copy key to Clipboard"

in the popup menu of the selected key. To export it to a file, you need to select the menu "Key"

and then "Export...". The program will automatically suggest a name for the output.

Export your Secret Key

This command should be used with caution because it exports your secret key. Please bear in mind

that you should never export your key to a place where it can be accessed by others.

An USB stick or a likewise mobile storage device should be used for the export.

Import a Public Key

Similar to the key import, the import of a key can be done in several ways. First, let's assume

you got a mail with an OpenPGP key included as inline text. Then you can use the current window

feature and "Decrypt/Verify" to import the key. Alternative you also may use the clipboard.

To achieve this, you first need to select the entire key (CTRL+A) and then copy it to the

clipboard (CTRL+C), then use the Key Manager (Edit->Paste) to import it. If the key is stored as

an attachment, or you want to import a key from a file in general, just drag the file and drop it

into the Key Manager window or use "Key" -> "Import...".

Sign a Public Key

If you verified that a key really belongs to its owner, you should sign the key to integrate it

into your Web of Trust and also to mark the key as valid in your keyring. Do not sign a key you

just got via email with the request to sign it. Anybody can create a key with your (or better ANY)

name, these information are no hint to whom the key really belongs. You can check a key

by meeting or calling the key owner and verify the key fingerprint of the key with the one

published by the key owner. Additional checks should be to watch at his driver license or the

identity card to make sure that name of the key matches the name of the key owner. After this

procedure is done, you can open the Key Manager, select the right key and either use the context

menu "Sign Key" or use the toolbar button.

The next dialog will summarize the key information and some additional options. For example if

the signature should be local or exportable. Local means the signature will be stripped if you

export the key and no one else except you can use it to calculate the validity. If you mark the

signature exportable, any other user can see and use it. Now you can select the key you want to

use to sign and enter the passphrase. Confirm with "OK" and the key will be signed. Now the

validity of the new key is "Full". It is propably a good idea to set the ownertrust of the key.

For a detailled description, see the chapter "Key Ownertrust".

Key Ownertrust

First we should explain what the ownertrust of a key is. The ownertrust is a measurement how

much you trust somebody to certify and check keys of other people. For example, if you know that

Bob is really the owner of the key, you should sign it. But he is also known to sign other keys

without checking the idenity of the other key owner. Values for the ownertrust are

1) Don't Know 2) Don't Trust 3) Marginal 4) Full

and thus you should propably use an ownertrust value like "Marginal". But this is a personal

decision and stored in a separate file and never exported with the public keys. For further

information, please take a look into the GNU Privacy Handbook.

Just a last work on Key Pairs, they are automatically marked as "Ultimate" because the key

belongs to you and you trust it implicit.

List Signatures

This dialog contains a list of all signatures of the selected key. The basic dialog, the tree

based version, just shows signatures when the issuer key is in the public keyring. A double click

opens the signature property dialog which contains detailled description about the selected

signature. A dialog which is useful for people who wants to get all information about the key

signatures, can click on the "Edit.." button.

Copy Key Information to the Clipboard

Often it is useful to copy parts of the user ID to the clipboard. One example is that you want to

send an email to the key owner or that you want to search the key by the email address or you

want to copy the fingerprint to the clipboard to paste it somewhere else.

This command is available in the popup menu (right click).

Delete one or more Keys

To delete a key, or more than one key, you just need to select the keys in the Key Manager and

either select "Delete" or use the toolbar button.

Be careful if you delete a key pair, because you will not be able to decrypt and/or sign data any

longer. In any case you should have a backup of your key pair at a safe place.

Re-verify Signatures

After you refreshed or imported a lot of new keys, either from a file or the keyserver, it is a

good idea to re-verify the signature in the keyring. This speeds up listing operations.

WinPT Website

If you want to check for updates or general information about the Windows Privacy Tray program,

you can select this menu item.

The WWW webite of WinPT will be loaded in the default browser.

If you want to visit the project website directly, select the "Project Website" entry.

The Key Edit Dialog

For the average GPG user, the popup menu of the Key Manager contains all command to manage

your keys. For example to add a key/userid/revoker/photo, just right click on the click and select the

command from the "Add" submenu.

But for advanced users, this dialog contain a lot of extra commands to customize your key.

The main dialog contains a list of all keys in the first list view box and all user IDs in the

second list view box. The help button gives you a short hint about each command and what it does.

For example you can set the primary user ID via the "primary" command or with "deluid" you can

delete the selected user ID. Please always bear in mind, that most keyserver are not able to

remove user IDs in its database so if another user fetch your 'updated' key from the keyserver

the user ID might be still part of the key. If you want to make an user ID unuseable, you should

revoke it. This is also possible with this dialog.

Update your Preferences in the Key Manager

To avoid that the user needs detour to select the taskbar icon, click on it, etc., all

preferences can be changed in the Key Manager via the Edit->Preferences... menu.

The File Manager

Introduction

The File Manager is no replacement for an Explorer Extension. If you secure your files frequently

and you want to do this fast and easy, I suggest to install GPGee. It is a program which

integrates itself into the explorer and provide menu entries in the context menu of files and

directory. But the File Manager can be very useful if you just want to decrypt and/or encrypt

some files without additional programs. You can find the File Manager via the symbol in the

taskbar, right click and then "File Manager".

An Overview of the GUI

First there are different ways to add (open) files in the Key Manager. The easiest way is to use

drag and drop to add files into the File Manager. Just drag a file from the explorer and drop it

into the File Manager window. The second way is to use File->Open. A dialog opens which is

common for all "File Open" operations in most Windows application. Now you can select one or

more files and confirm. The files will be automatically added to the File Manager window. The

main window consists of a listview with three rows.

The first row is the status of the file. It can be "ENCRYPTED", "SIGNED", "PUBKEY",

"SECKEY", "SIG" or "UNKNOWN". Dependent on the file status, the File Manager offers

different choices. For example "SIG" enables the verify options in the (popup) menu.

"UNKNOWN" is the default for all plaintext files.

The second row is the file name. And the last row is the status of the operation. It can be

either "", "SUCCESS" or "FAILED". An empty status means no operation was started yet. FAILED

indicates that the GnuPG operation failed. In this case an error message was issued before.

Now it follows an example:

We assume that user wants to encrypt "c:\My Ideas\GPG GUI.txt". Drag the file from the Explorer

and drop it into the open File Manager, the main window. The file will be added and recognized

as "UNKNOWN". Now we select the file and right click, a popup menu is shown and we select

"Encrypt". An new dialog is opened which looks similar to the Clipboard Encryption dialog.

Just select the recipients and confirm. In contrast to clipboard encryption, file encryption

offers some more extra options. They are described later. And hour glass will be shown as long as

GnuPG takes to encrypt the file. When the procedure is done, the third row should be change

to "SUCCESS" and the first row to "ENCRYPTED".

General Options

Now we describe the general options which are possible in some File Manager dialogs.

- Text Output

When this option is checked, the output will be encoded in ASCII armor. This can be useful if the

file should be transfered via email. The size of the output file is larger than the usual binary

output.

- Wipe Original

If this option is checked, the original file will be deleted after successfull encryption.

This can be useful if data should not be available in plaintext any longer on a machine.

Reporting a Problem (Bug) or a Feature Request

For the case that you have problems with the program, that includes crashes or or the handling,

please first check the forum at http://wald.intevation.org to see if someone else reported and/or

wrote about the issue. It is possible that the issue is already solved/answered in the forum.

Plus all other users can benefit of it because maybe another person has the same problem and then

he can check the forum and will find the answer.

Feature requests can be submitted at the same site in a different tab (Tracker->Feature Request).

There is no guarantee that the request will be implemented in the next version. The reason is,

that other issues might be more important or that the request must be first discussed with other

developers. But each request will be considered.

For the case that you found a bug, it is very important to provide much details as possible to

allow the developers to track down the problem and to fix it easily. Please do not forgot to be

precise as possible and the best idea is to provide a step-by-step text to reproduce the problem.

Problem with the Program or an unexpected Behaviour

First let me say that it is very important always to use the newest version. Each new version

contains bug fixes and might also fix usability issues. This is also valid for GPG, WinPT

checks that the minimum GPG version is available but even so it is important and often useful to

have the newest GPG version if this is possible.

But sometimes the problem is not the software itself, but the software which was involved to

transfer the data. Here are some examples of what could happen:

- The downloaded file could be broken (FTP ascii->binary issue) and thus WinPT is unable to

verify the signature. In this case you should download the file again.

- A mailer broke the signature because the line endings were altered or the mail text was wrapped

after the signature was issued. There is no solution to this problem, except to use

a smart Mail Client.

- A public key (file or clipboard) will not be recognized but the data should definitely contain

one or more keys. Sometimes line endings are messed up or white spaces were removed. In

this case GPG/WinPT is not able to detect when the data begins and the header section starts.

You can use the clipboard editor to see if the ascii armor is broken. If this happened, the

file must be repaired manually or should be sent again.

- WinPT reports that the key could not be imported because of missing self signature or a

likewise message. To make sure that the receiver can really verify the key belongs to its

owner, the key carries a self signature which can be checked by anybody. Some PGP 2.6 version

do not issue this self signature and some other PGP versions might be also able to

supress its generation. Such a key cannot be used, even if the import were forced. The solution

to this problem is easy but sometimes not possible. Ask the key issuer to self sign his key and

to upload it to the keyserver or send it again.

But sometimes companies have a policy and thus newly generated keys are not self signed. I do

not know what to do in this case except for asking if it would be possible to sign a copy of

the key.

- You received a message from a user which uses PGP and WinPT will not be able to decrypt it.

First let me say that this should happen very seldom with newer (PGP >= 7) versions of PGP.

The reason could be, that IDEA has been used. A patented Cipher which is not included in GPG.

GPG will not be able to decrypt the data because it has been ciphered with IDEA. There is no

solution for this problem, except to use the IDEA plug-in. But be advised that the IDEA

algorithm is only free for private use and NOT for commercial mails.

Another problem could be, that your files cannot be automatically decrypted by the receiver

(who uses PGP) because the file extension of it is .GPG. You can solve this problem by changing

the default extension in the WinPT preferences from .GPG to .PGP.

To minimize the change of problems when you communicate with a PGP user, you can add

"pgp8" or "pgp7" to your gpg.conf. This can be done via the Key Manager

->Edit->Preferences...->GPG Config Preferences.

How can I help the Project

There are several ways to help the project. For example you could provide (or work on) the

existing documentation or write new docs. You could translate WinPT into a new language or

maintain an existing language file. Of course it is also possible to contribute code or to

become part of the WinPT developer crew.

Commercial support for WinPT is available via g10 Code GmbH.

What I need for Development

First, you need a Windows C-compiler and knowledge how to use the tools and the Win32 API.

There is no need to use MS-Visual C, you can use Ming-W32 (gcc) and a free IDE to hack some

code. The default building environment is a mingw32 hosted on Linux and it produces W32

executables.

If you plan to contribute some code or to work on an item from the TODO file, please contact me

first to make sure no one else is working on it and that and we can discuss the details.

Closing Words

Please remember that currently the core WinPT crew is just me and thus it might take some time to

respond to forum messages, and mails. If my spare time allows it, I try to respond quick as

possible. But as a free software project, I do most coding in my spare time and I can't guarantee

anything. If you need commercial support for WinPT or GPG in general,

please contact g10 Code GmbH.