
Monday, June 23, 2003

PGP Integration in MacOS X Email Clients


Introduction

Paranoia runs deep around the Cryptonomicon.Net editorial offices. We are forever looking over our collective shoulders for evidence of network break-ins, drive-by wi-fi shenanigans, or torrid interoffice romances. It's not surprising then that we all use secure email software. This is no small feat when one considers the range of systems we operate on our desktops. Over half of the editorial staff use Macintoshes as their "daily drivers." Thankfully able to put the sins of MacOS 9 behind us, those of us who use MacOS X are happy in our daily lives. The one fly in our secure email ointment was the near complete lack of support for S/MIME on the Macintosh platform. This drove us to universally adopt PGP as the corporate standard for secure email. While converting from Linux and Microsoft based operating systems, we evaluated four email clients. Our evaluation decision was strongly weighted by security issues and PGP integration was a large factor in the eventual decision. The rest of this article describes our experiences.


Three of the four contenders are household names: Apple Mail.app, Microsoft Entourage, and Eudora. A fourth, relatively unknown client was evaluated because a) they mentioned PGP support in the press release announcing the product, and b) we always like to give the underdog a fair shake. The fourth contender is MailSmith from Bare Bones Software. We should also mention that before the final email migration, we all dutifully upgraded to MacOS X 10.2 (Jaguar) and installed the latest version of PGP, Version 8.0. Loaded with the latest and greatest version of MacOS X and PGP, here are our experiences.



Eudora


The first package we will describe is Eudora. This mail package from Qualcomm is the old-faithful for many Mac and PC users. Before there was a stable version of Outlook, there was Eudora. The version we evaluated was 5.2.1 for MacOS X. After a breezy install, and a very good job of picking up email defaults from our MacOS 9 partition, we were ready to evaluate it based on its PGP integration. We looked all over for information about using PGP with Eudora. We clicked on menu items and scoured the preferences panel. We even read the manual. Nowhere could we find any reference to PGP. A subsequent internet search revealed a set of AppleScripts to support the MacOS X port of GPG. While we are fans of GPG, our support rarely extends to actually using it. We had bought PGP for the express purpose of using a commercially supported product. We wish the GPG project all the best luck in the future, but for now we want to stick with PGP.


For our purposes, Eudora was simply a no-go. However, we really respect the product, and it should be pointed out that it is still possible to use PGP with Eudora, but you have to do this via the PGP submenu in the Services menu. So, if you are currently using Eudora and want to use PGP, it is certainly possible. To use it, however, you must first highlight your message, then navigate to the Eudora -> Services -> PGP menu. If you send three or four encrypted or digitally signed emails per week, using the Services menu is probably not a big deal. We send a lot more encrypted email than that, however, so integration and ease of use is a big deal for us.



Mail.app


The next package we evaluated was what we originally described as "the little Mail application that could." We are of course talking about the default Mail.app that comes with MacOS 10.2. Some of us in the Cryptonomicon.Net offices are old NeXT-hackers and were familiar with this latest incarnation of NeXTMail. We were happy to see that this version did not ship with a high-pitched cry for help disguised as a welcome message from Steve Jobs. When you pay for PGP, you get plugins for Mail.app and Entourage. We had high hopes, believing that if there was a plug-in, then hopefully the integration would be better than that demonstrated by Eudora. We were not disappointed. When you have the commercial version of PGP, integration with Mail.app is a snap. We selected the "sign messages by default" option and were digitally signing messages with little trouble. The integration was so nice that debates about the product centered on issues such as how long one should cache one's private key passphrase rather than any substantive issue with the product itself. In other words, PGP melted into the application. The only issue we had with the PGP plugin for Mail.app was the keyboard accelerators. The accelerator for digitally signing a message is "Command-Option-Shift-S," encrypting is "Command-Option-Shift-E," and decrypting / verifying is "Command-Option-Shift-D." We are concerned that if the keyboard accelerators for PGP functions become any more obscure, we will be using two hands, a foot, and a nose to press all the keys needed to access these functions. On the other hand, they are at least easy to remember: S for "Sign", E for "Encrypt", and D for "Decrypt / Verify."


All in all, we found the PGP integration with Mail.app to be a pleasant experience. However, we shudder to think what the experience without the plugins would be like.


MailSmith


Next in line for evaluation was MailSmith from Bare Bones Software. I must admit to not being too familiar with previous versions of this product. The only Bare Bones product I had been familiar with was BBEdit, their HTML and text editor. I had reasonably good experiences with BBEdit and the press release announcing the release of MailSmith did mention PGP, so I was looking forward to evaluating the product. We like the fact that secure email is becoming a more important feature in the minds of product managers, so we wanted to encourage them by at least looking at the product.


We were mildly disappointed. We weren't as disappointed with MailSmith as we were with Eudora, but there was still a tiny kernel of disappointment. While you can specify encryption or digital signatures on outgoing messages, there is a glitch in the product when you receive an encrypted email. There is no way to tell MailSmith to decrypt an encrypted email message. This meant we were back to using the PGP submenu under the Services menu. This is okay for casual PGP users, but at Cryptonomicon.Net, we're unnecessarily paranoid and encrypt just about everything, even our plans to decimate other teams in our bowling league. One interesting feature of this glitch is that when you receive a signed and encrypted email, the program tries to tell you that there was no valid signature attached to the message.


MailSmith has a number of other features we liked however. There seems to be advanced support for SPAM killing, and a number of tweaks to the mail editor that the Bare Bones team obviously took from BBEdit. We like MailSmith, but the lack of a message decryption interface was a deal-killer for us. However... we are definitely going to review the next couple of versions of MailSmith in hopes that they fix the problem. Also, if you receive a large volume of signed mail and a trickle of encrypted mail, then you might want to look at MailSmith.


Entourage


Finally we come to the juggernaut; the killer from Redmond, the 600 pound gorilla of email solutions for Macintosh: Microsoft Entourage. Let me say a few words about Entourage first. Entourage is everything that Outlook should be. It rarely crashes, it can hold a prodigious amount of email, and it supports synchronization with Palm devices. This is the product that got me to forgive Microsoft for developing such horrors as Outlook, Outlook Express, and Windows 3.0. I saw Entourage working on a friend's machine and I went out the same day and paid full price for the product. Truth be told, I actually like Entourage.


However, our criteria were based on PGP integration, an area where we expected Entourage to have problems. To our surprise and delight, the only problem Entourage seems to have is with PGP/MIME messages. We might also add that we believe that the placement of the PGP functions in the menu hierarchy is a little lame, but that's such a tiny issue when compared to the things that it does right. Assuming that you are not receiving mail from people using PGP/MIME (I am told that GPG does this), Entourage has the best integration. We are especially pleased to see that messages can be decrypted or verified from the "consolidated view." That is to say, you don't need to double click on a message to open it in a separate window before applying the PGP magic. Another nice feature is that when replying to a decrypted message, the Entourage PGP plugin places the decrypted text in the outgoing reply. For many years, the default behavior for mail clients was to insert the encrypted and encoded lines of gibberish.


Conclusion


In conclusion, we have to say it's a close tie between Microsoft's Entourage and Apple's Mail.app. We are somewhat suspicious of being able to migrate away from Entourage, and we are concerned about the seemingly capricious nature of the empire from Redmond. If it was clearly in their best interest to discontinue Entourage, they certainly would. If this were to happen, we believe it might be difficult to migrate our messages and contacts from Entourage into whatever next-generation solution we adopt. It certainly was a nightmare moving from Outlook to Entourage.


Mail.app seemed to handle PGP/MIME with no problems. We were in the middle of discussions about how serious a problem PGP/MIME support (or lack thereof) was, when we received a couple of PGP/MIME formatted messages. Comparing the simple process of decrypting PGP/MIME formatted messages with the torturous nature of the same task with Entourage, we reluctantly admitted that PGP/MIME support was important, and that the Entourage plugin was not up to the task. There is a semi-major irritation with Mail.app, however. When replying to decrypted messages, Mail.app "does the wrong thing." Instead of creating a new reply with the decrypted message, it inserts the encrypted and encoded version. To avoid this problem, one must double-click on the message in the master view and THEN reply.


We eventually settled on Mail.app as our office standard. The issue involving improper behavior when replying to decrypted messages is minor when compared to Entourage's lack of support for PGP/MIME. The problem can successfully be worked around, even if it leaves us grumbling. Cost is also an issue; Mail.app is a standard feature in MacOS X while Entourage costs money. In the future we will be watching for developments from the MailSmith team. We'll also be looking for PGP/MIME support for Entourage.



Sunday, June 08, 2003

How to Generate a Key for PGP


Introduction


This document is intended to help the reader install PGP, generate a PGP key pair, and edit trust settings to reflect real-world trust relationships. After doing this, it will be possible to engage in confidential, trusted communications via email. If you're familiar with PGP and don't need any hand-holding, please jump to the bottom of this document for recommendations for PGP key generation parameters. Also, I'm assuming you've got a Windows PC. PGP on a Mac is pretty straightforward: insert the disk, double-click the installer, don't generate a key during the installation process, and jump to step 1 in the "Generating a Key" section below.



Installing PGP

  1. If you happen to be in possession of a PGP 7.0.3 disk, simply load it into your CD-ROM drive. In theory, Windows should pop up a McAfee/PGP install screen. One of the options is "Install PGP." Click on this option. If you don't get this splash screen, simply double-click on the setup.exe program in the PGP directory.

  2. The PGP installer will give you the opportunity to install with several options. At this time, the only option I don't recommend is PGPnet. PGPdisk is used to encrypt complete folders on your hard drive. PGPtools is used to encrypt individual files. PGPkeys is a key management utility. There are also plugins for various email programs such as Eudora, Outlook, and OutlookExpress. You'll need PGPkeys (in fact, I don't think it's possible to not install it.) I certainly recommend PGPtools and the plugin for the mail program you use (if it's available.) I don't really use PGPdisk, so if you want to check it out, then great, but just remember that I can't support it. PGPtray for Windows users is a handy way to get to the various PGP applications.

  3. During the install process, the installer will want to generate some keys for you. Don't do this now. If you do it now, it will generate the wrong kind of key.


Generating A Key

  1. After installation, you need to generate a key pair. But before we do this, we need to change the default encryption algorithm for generated keys. To do this, start the PGPkeys application. It should show a list of "stock keys." Select the 'Edit -> Options' menu item to get to the Options dialog.

  2. In the options dialog box, click on the 'Advanced' tab. You should see a drop down list titled "Preferred Algorithm." Select 'AES.' Ensure that all algorithms are checked in the "Allowed Algorithms" check-boxes. Click 'Ok' to accept the changes.

  3. Back in the main PGPkeys window, select the 'Keys -> New Key...' menu item. This will bring up the Key Generation Wizard. Click the 'Expert' Button.

  4. Fill in the name and email addresses. The official name is your first name, your middle initial, and your last name. However, if you feel that this is too restrictive, by all means do your own thing. You should use an email address you feel fairly confident you'll keep for at least a year or so. However, you'll have the ability to add additional email addresses in the future, so you shouldn't fret about which email address to use.

  5. For the Key Type select "RSA." Do not select "RSA Legacy." For Key Length, select 2048 bits. For Key Expiration, select 'Never.'

  6. Click the 'Next' button. You will then be prompted for your master pass phrase. Make this a good password that is easy to remember, but hard for someone else to guess. Don't worry, you can always change this later.

  7. Once you've entered the pass-phrase twice, click the 'Next' button and watch the lights blink. Most modern PCs don't take too long to generate keys. If it takes more than a minute, there may be something wrong. Give it another minute or two, reboot, cuss at Microsoft, and try it again.

  8. Assuming the lights stop blinking, you should get a dialog box saying that you've successfully generated a key. Click the 'Finish' button and you should see your new key amongst the "stock keys" in the main window of the PGPkeys application.

  9. So, you thought you were finished, didn't you? Well... Not yet. We still have to generate a "subkey." If you're curious why we want to generate a subkey, there's a brief description on page 76 of the manual. To generate a subkey, start by selecting your key (it should be bolded in the display.) Then select the 'Keys -> Properties' menu item. This should bring up the (surprise) Key Properties dialog box. There are two tabbed panes in this dialog box, the second one is labeled 'Subkeys.' Select this tabbed pane.

  10. This will show the list of subkeys. Since you haven't generated any, you'll probably see a single, gold master key. At the bottom of the pane there is a 'New' button. Click on this button to generate a new subkey. This brings up the New Subkey dialog box. You want to create a subkey that is 1536 bits long, and is valid from <insert today's date> to July 23, 2003. Click the okay button and you'll be queried for your pass-phrase again. Enter it and watch the lights blink as your subkey is generated. 1536 bit subkeys shouldn't take too long to generate, so don't go too far away. Congratulations, you've generated a key.


Backing Up Your Key

  1. Get a blank floppy disk. Format it, label it, and otherwise make it ready for use.

  2. From the PGPkeys application, select your key (it should be bolded,) and select the 'Keys -> Export...' menu item. This will bring up the Export Key dialog. Click the 'Include Private Key' box. The 'Version 6 compatibility' check box should already be selected. If not, select it. Save the key on the floppy. I like to use my email address as my key file name.

  3. Put the floppy in a "safe place."


Distributing your Public Key

  1. From the PGPkeys application, select your key (it should be bolded,) and select the 'Keys -> Export...' menu item. This will bring up the Export Key dialog. Ensure that the 'Include Private Key' box is not checked. The 'Version 6 compatibility' check box should already be selected. If not, select it. Save the key on your hard disk. I like to use my email address appended with "_public6" for my public key file name.

  2. Send your public key via email to people with whom you want to communicate securely.


Importing Other People's Keys

  1. When you get a PGP (".asc") key file from someone else, you've got to import it before using it. Importing a PGP key is a two phase process. First, we import the key into PGPkeys. Second, we verify the validity of the key and update the "trust" level.

  2. To import a key, make sure that you have a ".asc" file. You might have received an email message that begins with something like '-----BEGIN PGP PUBLIC KEY-----'. If so, you can copy and paste this into a file using your favorite text editor or notepad.exe. From the PGPkeys application, import the key using the 'Keys -> Import...' menu item.

  3. To establish the trust of the key you just imported, select the key in the PGPkeys main window. It should not be bolded. Look at the key properties by using the 'Keys -> Properties' menu item. Select the 'Hexadecimal' check box. Phone the person whose key this supposedly is. Have them read off their fingerprint. If the fingerprint that they read off is the same as the fingerprint in the Key Properties dialog box, then the key has not been modified in transit. If you trust the person from whom the key came, indicate that the key is "valid."

  4. Begin by signing that person's key. Do this by selecting the key in the PGPkeys main window. Use the 'Keys -> Sign...' menu item to bring up the Key Signing dialog box. Click on the 'More Choices' button. Select 'Trusted Introducer Exportable', Depth of 1, Domain Restriction should be set to 'cryptodot' and the expiration date should be 5 years in the future.

  5. Once you've signed the key, you'll be able to slide the validity slider from invalid to valid.

  6. After signing other people's keys, export their key (that now has your signature) to a file and send it back to the key's owner.
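
What the fingerprint check in step 3 compares, as an added example that is not part of the original post or of PGP's own code: it strips the armor from a ".asc" block, checks the armor CRC-24, computes the version 4 OpenPGP fingerprint (SHA-1 over the public-key packet), and compares it with the string read over the phone. All function names are hypothetical, `sample_asc` builds a constructed toy packet rather than a usable key, and only version 4 key packets are handled.

```python
import base64, hashlib, struct

def crc24(data: bytes) -> int:
    """CRC-24 used by the checksum line of OpenPGP ASCII armor."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc = ((crc << 1) ^ (0x1864CFB if crc & 0x800000 else 0)) & 0xFFFFFF
    return crc

def dearmor(asc: str) -> bytes:
    """Strip the armor from a .asc key block and check its CRC-24."""
    lines = [l.strip() for l in asc.strip().splitlines()]
    if not lines[0].startswith("-----BEGIN PGP PUBLIC KEY BLOCK"):
        raise ValueError("not an armored public key block")
    body = lines[lines.index("") + 1:-1]      # armor headers end at the blank line
    data = base64.b64decode("".join(l for l in body if not l.startswith("=")))
    sums = [l[1:] for l in body if l.startswith("=")]
    if sums and int.from_bytes(base64.b64decode(sums[0]), "big") != crc24(data):
        raise ValueError("armor CRC-24 mismatch")
    return data

def public_key_body(data: bytes) -> bytes:
    """Return the body of the leading public-key packet (tag 6, version 4)."""
    first = data[0]
    if first & 0x40:                          # new-format packet header
        tag, o1 = first & 0x3F, data[1]
        if o1 < 192:
            length, off = o1, 2
        elif o1 < 224:
            length, off = ((o1 - 192) << 8) + data[2] + 192, 3
        else:
            raise ValueError("unsupported length encoding for a key packet")
    else:                                     # old-format; type 3 gives an empty body
        tag, size = (first >> 2) & 0x0F, (1, 2, 4, 0)[first & 3]
        length, off = int.from_bytes(data[1:1 + size], "big"), 1 + size
    body = data[off:off + length]
    if not first & 0x80 or tag != 6 or len(body) != length or body[:1] != b"\x04":
        raise ValueError("expected a version 4 public-key packet")
    return body

def fingerprint(asc: str) -> str:
    """V4 fingerprint: SHA-1 over 0x99, two-byte body length, packet body."""
    body = public_key_body(dearmor(asc))
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def matches_spoken(asc: str, spoken: str) -> bool:
    """Compare against a fingerprint read aloud, ignoring spacing and case."""
    return fingerprint(asc) == "".join(spoken.split()).upper()

def sample_asc(n: int) -> str:
    """Constructed sample: a v4 RSA packet with a toy modulus, not a usable key."""
    mpi = lambda x: struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")
    body = b"\x04" + struct.pack(">I", 1055030400) + b"\x01" + mpi(n) + mpi(65537)
    pkt = b"\x99" + struct.pack(">H", len(body)) + body
    crc = base64.b64encode(crc24(pkt).to_bytes(3, "big")).decode()
    return ("-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + base64.b64encode(pkt).decode()
            + "\n=" + crc + "\n-----END PGP PUBLIC KEY BLOCK-----\n")
```

The armor CRC only catches accidental damage, since anyone who alters the key can recompute it. The fingerprint covers the key material itself, which is why it has to be confirmed over a separate channel such as the phone call.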


Pass it Along

  1. PGP is free for non-commercial use, and fairly reasonable for commercial use. Check out pgp.com for the latest product info.

  2. Please feel free to pass along the URL to this site. If there's a big-long URL at the top of the page, you might want to pass along the following alias: http://www.securitytechnique.com/1/6.

  3. Put a reference to this page in the comment block of your outgoing PGP messages. You can find this in the preferences section of the PGP Keys application. I put the text "Information about using PGP for secure communication can be found at http://www.securitytechnique.com/1/6" in my comment block.


PGP Parameter Review

  • Key Properties Settings in the 'Edit->Options' Advanced Tab
      • Preferred Algorithm: AES
  • Master Key Properties (when generating a new key pair)
      • Key Type: RSA (Not RSA Legacy!!!)
      • Key Length: 2048
      • Key Expiration: Never
  • Subkey Properties
      • Key Type: RSA
      • Key Length: 1536
      • Key Expiration: today + 1 year
  • Key Signing Parameters: 'Trusted Introducer Exportable'
      • Depth: 1
      • Domain Restriction: securitytechnique.com
      • Expiration: today + 5 years.