Dear Dan- If you are looking for a commercial license for implementing public key encryption, you have a couple of options.
a) www.gpg.org is a German release which follows the Open PGP standard and is compatible (most of the time) with previous PGP releases. In its self, it is command line and open source. Like the older PGP 2.6.3 there are several GUI front ends, some open source, some closed. b) Get a certificate from a Certificate Authority and use it in the S/MIME utility of the main line mail readers (OE/Outlook/Netscape/Mozilla). The costs for a commercial cert can be high. The basics between PGP and S/MIME are not that different, just many of the key management and trust decisions are done for you or transparently. That can be good or bad. c) Use OpenSSL to create your own certificates and use them for S/MIME and SSL, etc...you pay no one but these certificates do not carry the "Trust" that the CA ones do. In that regard they are like PGP keys. For more information and files about creating X.509 digital certificates and a more detailed comparison of PGP and S/MIME go to - http://groups.yahoo.com/group/PracticalEncryption/files/Encryption%20and%20P KI/ ( cut and past URL. Watch the cookies at Yahoo, they have gotten worse) If you are just going to use PGP for personal use, then there are many very good releases which are open source. Mac, Windows and Linux all have versions of PGP 658 at www.pgpi.org. The CKT release of 658 for Windows has many enhanced features (www.pgpp.org). and Disastry's 2.6.3 ia multi 5 (http://disastry.dhs.org/) offer many new algorithms to 2.6.3. And there is GPG. Truthfully, if you are on a Windows box, 658CKT is the best and better than NAI releases. If you really want ease of use for novices, and the security or open source cryptographic software, then OpenSSL to generate the keys (larger than 1024 bit certs) and an open source mail program like Mozilla to use them. Key management will be automatic. Problem is the certificate importing format. That is being investigated for a work around. Yours- Ridge Cook ---PGP Keys--- Signing 0x4AF823E3 Encrypting 0x43537711 on http://pgp.mit.edu -port 11371 --------------------------------------------------- ----- Original Message ----- From: "Habulin, Daniel (Worldcom)" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, April 01, 2002 11:33 PM Subject: Alternative to PGP solutions > Hi, > > Now that PGP is no longer... > has anyone out there had any experience with alternative mail encryption > productions from competitors , like say Baltimore, Verisign, Entrust. > I've tried the Baltimore MailSecure eval, and found it quite "slow" in > processing encrypted emails of any size. > > Any recommendations? > > Same with PKI solutions, NAI told me they have dropped that aswell. So any > input or recommendations for PKI solutions would be appreciated. > > cheers > > Daniel Habulin > Worldcom > Network Support & Engineering, NSW > Asia Pacific Communications Services >
