PGPSteps

I've done a semi-major update of "PGPSteps" and included key revokation in the set-up part. Also various URL's were added/corrected/updated. I've tried to include Windows 95 references as well (where applicable). By now I consider "PGPSteps" "complete" in terms of the installing procedure. I hope, it's still simple and easy, although it's a couple page longer now. If you have any comments, corrections etc., please let me know. Ciao Harka PS: Dave, please update it on the Web page. Thanks :) -- /*************************************************************/ /* This user supports FREE SPEECH ONLINE ...more info at */ /* and PRIVATE ONLINE COMMUNICATIONS! -> http://www.epic.org */ /* E-mail: harka(at)nycmetro.com (PGP-encrypted mail pref'd) */ /* PGP public key available upon request. [KeyID: 04174301] */ /* F-print: FD E4 F8 6D C1 6A 44 F5 28 9C 40 6E B8 94 78 E8 */ /*<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/ /* May there be peace in this world, may all anger dissolve */ /* and may all living beings find the way to happiness... */ /*************************************************************/ -----BEGIN PGP SIGNED MESSAGE----- PGPSteps -------- Pretty Good Privacy (PGP) Installation - Step by Step by Harka <harka(at)nycmetro.com> last updated: 05/01/1997 "PGPSteps" (c) may be distributed freely without charge, left unchanged and the intact signature. The latest version is available by sending an e-mail to harka(at)nycmetro.com with the subject: SEND PGPSTEPS (finger for update info). See also http://bureau42.base.org/public/pgpsteps.txt for a recent version. Note: This document is intended for first-time PGP users. It is meant as a short step-by-step reference guide for the installation of PGP (Pretty Good Privacy), versions 2.6.2 and 2.6.3i, on an IBM compatible computer running DOS/Windows. However, it is _not_ meant to replace the PGP-documentation in any way. As a matter of fact, it is highly recommended to read at least pgpdoc1.txt (included in the PGP-distribution) _before_ actually installing the program. Much more additional info not covered here you'll also find in the various comprehensive FAQ's (see FURTHER INFORMATION at the end). Portions from the PGP documentation have been used herein. Thanks to Philip Zimmermann, Perry Metzger, Colin Plumb, Derek Atkins, Jeffrey I. Schiller, all of the Cypherpunks list and others. It might be useful to print this document out as a reference. ==================================================================== So you feel like having some more privacy by using PGP? Wise decision! Congratulations :) All install steps in short -------------------------- --download the respective PGP version --create C:\PGP directory --copy the downloaded zip into C:\PGP --unzip pgp262.zip (pgp263i.zip) into the C:\PGP directory --unzip second archive pgp262i.zip (pgp263ii.zip) into the C:\PGP directory, recreating the directories by using pkunzip's -d option --edit autoexec.bat, adding the lines SET PGPPATH=C:\PGP SET PATH=C:\PGP;%PATH% and SET TZ= (see below). --save autoexec.bat and reboot --create key pair with pgp -kg --sign key with pgp -ks yourID -u yourID (only version 2.6.2) --add keys from keys.asc to your public keyring with pgp -ka keys.asc --verify integrity of PGP distribution archive with pgp pgp262i.asc pgp262i.zip (pgp pgp263ii.asc pgp263ii.zip) --copy keys and the downloaded zip-file to floppy as a backup --create Key Revokation Certificate with pgp -kd yourID --extract revoked key with pgp -kxa yourID revoke into a file called revoke.asc --copy revoke.asc to the backup disk --copy secring.pgp and pubring.pgp from backup disk back into the C:\PGP directory, overwriting the revoked keys --write-protect backup disk and keep in a safe location --add public key to a key server (optional) --have fun (it all sounds more complicated than it is...promised :)) Getting PGP ----------- The latest official US-version is PGP 2.6.2 (freeware). If you are a citizen of the United States, you can download pgp262.zip from the Massachusetts Institute of Technology (MIT) at http://web.mit.edu/network/pgp.html The latest international version is 2.6.3ia (freeware). If you live in any other country than the US, you can download pgp263i.zip from the International PGP-Homepage at http://www.ifi.uio.no/pgp/ The reason for two separate versions are patent law issues. If you use the international version in the US (or vice versa) you might be in violation of these patent laws. Both versions are, however, essentially the same thing. Therefore download and use the one, that applies to you. Having downloaded PGP, create a C:\PGP directory. In DOS you can use MD PGP from the C:\ prompt and in Windows 3.1 you can use the File Manager. Here go to the FILE menu and CREATE DIRECTORY (in Windows 95: EXPLORER/select MAIN FOLDER (c:)/FILE/NEW/FOLDER, name the new folder PGP). Copy the downloaded pgp262.zip (or international pgp263i.zip) into your new C:\PGP directory. You might want to copy pkunzip.exe into your PGP directory as well - makes things easier :). (You will need PKUNZIP version 2.04g or later to uncompress and split the PGP262.ZIP archive file into individual files. PKUNZIP is shareware and is widely available on MSDOS machines. A Windows-version called WINZIP is available as well. More details if necessary you'll find in the PGP documentation in a file called setup.doc.) Unzip the archive in the C:\PGP directory with: pkunzip pgp262.zip or pkunzip pgp263i.zip Now you'll find a second zip file pgp262i.zip (pgp263ii.zip) in your PGP directory, plus a corresponding file pgp262i.asc (pgp263ii.asc). The .asc (ASCII)-file is the signature, that let's you verify the integrity of the archive (after you've installed PGP). Unzip pgp262i.zip (pgp263ii.zip) with: pkunzip pgp262i.zip -d or pkunzip pgp263ii.zip -d Remember to recreate the directories by using pkunzips -d option! (You should now have a subdirectory within C:\PGP called DOC, i.e. C:\PGP\DOC. As you might have guessed already, that contains the PGP documentation :)). Setting the Environment ----------------------- Next, you can set an MSDOS "environment variable" to let PGP know where to find its special files. Use your favorite text editor to add the following lines to your AUTOEXEC.BAT file (usually on your C: drive): SET PGPPATH=C:\PGP SET PATH=C:\PGP;%PATH% In DOS you can use EDIT by typing EDIT C:\AUTOEXEC.BAT . You'll probably already have a couple of SET lines, just put the one's for PGP in there somewhere. In WINDOWS 3.1 you can go to Program Manager (the main screen) and go to the menu FILE, RUN and type SYSEDIT (in Windows 95 use START/RUN/SYSEDIT). This will open several files, including the AUTOEXEC.BAT. Go to that window and include the SET lines from above. Substitute your own directory name if different from "C:\PGP". While you're editing the AUTOEXEC.BAT, include the TZ variable as well. The TZ (Time-Zone)-variable tells MSDOS what time zone you are in, which helps PGP create GMT timestamps for its keys and signatures. If you properly define TZ in AUTOEXEC.BAT, then MSDOS gives you good GMT timestamps, and will handle daylight savings time adjustments for you. Here are some sample lines to insert into AUTOEXEC.BAT (see above on how to), depending on your time zone: For Los Angeles: SET TZ=PST8PDT For Denver: SET TZ=MST7MDT For Arizona: SET TZ=MST7 (Arizona never uses daylight savings time) For Chicago: SET TZ=CST6CDT For New York: SET TZ=EST5EDT For London: SET TZ=GMT0BST For Amsterdam: SET TZ=MET-1DST For Moscow: SET TZ=MSK-3MSD For Aukland: SET TZ=NZT-13 Your AUTOEXEC.BAT should now look similar to this example: @ECHO OFF C:\MCAFEE\VSHIELD /anyaccess /xmsdata /only a: PROMPT $P$G PATH=C:\NC;C:\DOS;C:\;C:\NC\WINSOCK;C:\WINDOWS;C:\MCAFEE SET PGPPATH=C:\PGP SET PATH=C:\PGP;%PATH% SET TZ=EST5EDT SET MIXPATH=C:\NC\PI SET TEMP=C:\TRASH SET WINPMT=[WINDOWS] $P$G SET BLASTER=A220 I5 D1 T4 SET GALAXY=A220 I5 D1 K10 P530 T6 C:\DOS\SMARTDRV.EXE 1024 512 /X C:\MCAFEE\VSHIELD /reconnect win : If it does, EXCELLENT! Now save it and reboot your system to run AUTOEXEC.BAT, which will set up PGPPATH and TZ for you. Generating Your First Key ------------------------- Being new to PGP, it might be a good idea to create a test key first, so that you can play around with it and even pretend to send messages back and forth. That will give you some feeling on how it works (and also take some of the fear away :)). But note, that this is for _testing_ purposes only, it's not your actual key yet! I recommend to play around in DOS using the command lines, so when you use one of the many shells and front-ends available later on, you'll know what's going on "behind the scenes". To generate your test key, go to DOS and type: pgp -kg Since this will be a test key only, choose the smallest key size (1), make your keyID Test Key <test@test.com> and the pass phrase TEST. Then generate the key. Now you'll find two new files in your C:\PGP directory: secring.pgp (your secret keyring) and pubring.pgp (your public keyring). Basically you're ready to play now. You might want to start by signing your own public key (Note: the international version 2.6.3i already does that automatically for you during key generation) by typing: pgp -ks test -u test ("test" being the ID for the key, that you sign and the second "test" the ID, that will be used to sign with. Since you sign your own key, both ID's are the same. Later on with your real key, however, the ID "test" will be replaced by your actual name and the key to be signed will very likely be somebody else's). You could also add the public keys from C:\PGP\keys.asc to your public keyring with: pgp -ka keys.asc After having added the keys, you now can also verify the integrity of the PGP archive (good idea!) by typing: pgp pgp262i.asc pgp262i.zip or pgp pgp263ii.asc pgp263ii.zip PGP should tell you that it has a Good Signature from: Jeffrey I. Schiller <jis(at)mit.edu> It will also tell you that it doesn't "trust" the (jis(at)mit.edu) key. This is because PGP does not *know* that the enclosed key really belongs to Jeffrey. Don't worry about this now. Read the section "How to Protect Public Keys from Tampering" in Volume 1 of the PGP manual. (If you get a Good Signature, you could now actually delete pgp262i.zip & pgp262i.asc or pgp263ii.zip & pgp263ii.asc to save some space. But keep the original archive that you downloaded around.) Or you can take some document and sign it clear-text with pgp -sta filename and then verify it by typing pgp filename.asc Or you can encrypt files, sign them, wipe them, extract keys, check fingerprints or, or, or... At the end of this document you'll find a very helpful command line summary with enough options to play with. And, of course, read the actual PGP documentation before you move on to the next step!! Getting set up for real ----------------------- Alright, you've played around with PGP, might have generated several keys, sent messages "back and forth", read the documentation and maybe the FAQ's, and generally you feel pretty comfortable with it. Of course, you actually want to now use PGP in the "real world". :) Since you've edited the autoexec.bat, have set up the PGP directory etc. already during the test run, all you actually have to do to get back to "ground zero" is delete the files C:\PGP\SECRING.PGP, C:\PGP\SECRING.BAK (if there), C:\PGP\PUBRING.PGP and C:\PGP\PUBRING.BAK (if there). Now generate your actual key with: pgp -kg This time choose at least "military grade" (option 3, 1024 bits) for your key size. Note, that both 2.6.2 and 2.6.3i support up to 2048 bit keys. If you want the maximum key size, you'll have to actually type 2048, instead of simply choosing 1, 2 or 3. For the key ID use the generally used format of: firstname lastname <handle@domain.name> example: John Doe <jdoe@whatever.com> (including the < >). Now choose a _strong_ and _long_ passphrase. At least 20 different characters are recommended. Try to avoid simple words but include as many different (random) characters as possible. Example: Passphrase "Thomas" is really not a good one, especially if that's your name. "Thomas is wandering over the Red Square" is better already, but wouldn't stand long either to a dictionary attack. "Th0m@$iswaN-Der1ngOVE/RtH%r&dS\QA~<" would therefore be a much better choice. Use your imagination and remember: long, unguessable and many different characters! (see also the Passphrase FAQ and the Diceware Homepage in FURTHER INFORMATION on how to get a good passphrase) _Never_ write your passphrase down, don't tell it to anybody (not even to your boy/girlfriend, husband, mother or whomever!) and never let anybody look over your shoulder, when you type it in!! Now finish generating the key. Btw., when it comes to "type some random text", don't hit the same key over and over again :). Type your favorite poem or an article from the newspaper until it beeps. Sign your own key again with pgp -ks yourID -u yourID (only 2.6.2.) and then make backup copies of the keys and the original pgp zip-archive (that you downloaded) to a floppy disk. While you're at it, extract your public key with pgp -kxa yourID yourID and copy yourID.asc to the disk as well. Keep this file on your hard drive too; you'll probably need it quite often to cut & paste your public key from into e-mail. Next create a Key Revokation Certificate. This will be used in case you either somehow loose your secret key completely or if somebody has gotten a copy of your secret key and you have reason to believe, that they got (or will get) your passphrase too. Obviously something you want to avoid at all costs! A Key Revokation Certificate is basically your public key with a stamp "REVOKED" on it. This you can send to people (or a key server) if your secret key ever gets compromised. It will essentially tell their PGP: DON'T USE yourID's KEY EVER AGAIN 'CAUSE IT'S COMPROMISED! (see also PGP-documentation). Before you create your Revokation Certificate, make sure that you have made backup copies of your keys (secring.pgp and pubring.pgp) to the floppy-disk. You will need them! To revoke your key type: pgp -kd yourID You'll have to type in your passphrase and then your key get's revoked. If you check with pgp -kc yourID , you'll see, what it looks like. Next extract your (now revoked) key with: pgp -kxa yourID revoke into a file called revoke.asc. This is the file, that you'll send to people in case your secret key get's compromised. Copy the Key Revokation Certificate (revoke.asc) to the floppy-disk with your backup-keys. Now all you actually have to do to get your keys from "REVOKED" back to "normal" is to copy the backups (secring.pgp and pubring.pgp) from the floppy-disk back into your C:\PGP directory. Overwrite the existing (revoked) keys with the backups. If you now check with pgp -kc yourID, you should see your regular public key again (no "REVOKED" anymore). On your backup disk you should now have at least the following files: pgp262.zip -the original PGP-distribution archive (or pgp263i.zip) secring.pgp -your secret keyring pubring.pgp -your public keyring yourID.asc -your normal public key revoke.asc -your revoked public key (Revokation Certificate) autoexec.bat -(optional) Write-protect the disk and keep it in a safe place, where _nobody_ but you has access to it. That's almost it for installing PGP... As an optional step, you might want to make your public key generally available by sending it to a public key server. See http://www-swiss.ai.mit.edu/~bal/pks-toplev.html for an easy Web-form, where you can submit your own key or get the public keys from others (works also via e-mail). Check http://www.pgp.net/pgpnet/www-key.html for other WWW-key servers. You're finished with the setup now and ready to roll!! (Was pretty easy, huh? :)) Most common mistakes in the beginning ------------------------------------- 1. Sending your secring.pgp and/or your passphrase to somebody else. DON'T!! You don't need to share any of this with public key cryptography (see PGP documentation for more details). All that people need to encrypt mail to you or check your signature is your _public_ key. 2. Sending the entire file pubring.pgp to somebody else. No need to either. Extract only your _own_ key with pgp -kxa yourID filename into a file. This file you can now send either as attachment or simply cut & paste the key into your e-mail window and send it as regular e-mail (the same applies to the Revokation Certificate in revoke.asc; in case you ever need it). 3. Writing down your passphrase. As strange as it may seem, but despite all warnings a lot of people still do that. DON'T! EVER! Besides, after using PGP on a daily basis, you really should not forget your passphrase anymore anyway. 4. Not keeping physical control of secring.pgp Don't let _anybody_ get a copy of your secret keyring. Because the only thing, that will stand from there between them and all your e-mail is your passphrase. And if it's a weak one (that they can crack or guess) or they even know it (see "Writing down your passphrase"), then it's over with security and privacy. And that would be very unfortunate indeed. The same applies to the floppy disks with the backups. As a common tag line on the Internet goes: "My public key you can get with the subject: Send public key. My secret key you can pry out of my cold, dead fingers!!" 5. Not being careful with plain-text(s) PGP only protects messages and files as long as they are encrypted. If you save the de-crypted text(s) to your hard drive or even print them out and leave them laying around on your desk, then PGP can't help you anymore either, if somebody finds it. So either delete the files (wipe them with pgp -w filename) or encrypt them to yourself or encrypt them conventionally (pgp -c filename), if you need to keep them. 6. Not reading the PGP documentation at least once no comment, except RTFM! Front Ends and Plug-In's ------------------------ Of course, most of us get pretty tired after a while doing everything manually via command lines. That's where so called front-ends come in. These are additional programs, that make things like PGP much easier to use. There are literally tons of them out there (check http://www.ifi.uio.no/pgp/utils.shtml) for some of them. Personally I recommend the following three: ** AutoPGP ** by Stale Schumacher <staalesc(at)ifi.uio.no>, the same guy, who also wrote the international PGP version 2.6.3i. (Shareware; registration fee is 15$) This is a DOS program designed to work together with QWK/SOUP-standard offline mail readers, such as OLX, Blue Wave, 1st Reader etc.. It makes sending/receiving PGP messages really, really easy, especially if you have lots of them. check http://www.ifi.uio.no/~staalesc/AutoPGP/ to download it. ** Private Idaho ** by Joel McNamara <joelm(at)eskimo.com> (Freeware) A Windows front-end not only for PGP, but also for anonymous remailers and NYM-servers. Nice and easy to use interface, and it works together with most popular mail programs. If you have a SLIP or PPP connection, you can even send/receive PGP messages right from Private Idaho itself. If not, you can "port" messages from the PI window into your regular mail program (Netscape Mail, for example) with the click of a button. If that doesn't work, you can still write your messages in Private Idaho, encrypt/sign them and then cut & paste it into your normal e-mail program (and vice versa, of course). It also comes with a PGP Quickstart file for Windows, in case you really don't feel comfortable setting up PGP in plain DOS. But why would you, since you're reading this...:) check http://www.eskimo.com/~joelm/ to download it. ** PGPMail ** by Pretty Good Privacy Inc. (29,95 $ for US users, who have PGP 2.6.2 already installed) Contact: <pgpservice(at)pgp.com> - From the masters themselves a full-featured plug-in for the Windows 95/NT versions of Eudora 3.0 and Netscape Mail. You actually don't even need to have the freeware PGP version installed. All you'd need is PGPMail 4.5 (pgpmail45.exe). However, the price given above is a special discount given to PGP 2.6.2 freeware users (see web page for details). PGPMail 4.5 makes PGP-encryption not only easy, but fast as well. During installation it will add a few buttons to your Eudora window, which means, that you never have to leave Eudora (or Netscape) to encrypt/decrypt/sign etc.. Highly recommended, for newcomers and seasoned PGP-users alike. check http://www.pgp.com/products/PGPmail.cgi to download it (US-citizens only). PGPMail is export-controlled software. Therefore a URL outside the US can not be provided here. If you live outside the US and you use Windows 95/NT, you might want to check the windows95 directory at: ftp://ftp.replay.com/pub/replay/pub/pgp/pc/ for any other front-ends and/or plug-in's available. Here's a quick summary of PGP v2.6x commands -------------------------------------------- To encrypt a plaintext file with the recipient's public key: pgp -e textfile her_userid To sign a plaintext file with your secret key: pgp -s textfile [-u your_userid] To sign a plaintext file with your secret key and have the output readable to people without running PGP first: pgp -sta textfile [-u your_userid] To sign a plaintext file with your secret key, and then encrypt it with the recipient's public key: pgp -es textfile her_userid [-u your_userid] To encrypt a plaintext file with just conventional cryptography, type: pgp -c textfile To decrypt an encrypted file, or to check the signature integrity of a signed file: pgp ciphertextfile [-o plaintextfile] To encrypt a message for any number of multiple recipients: pgp -e textfile userid1 userid2 userid3 - --- Key management commands: To generate your own unique public/secret key pair: pgp -kg To add a public or secret key file's contents to your public or secret key ring: pgp -ka keyfile [keyring] To extract (copy) a key from your public or secret key ring: pgp -kx userid keyfile [keyring] or: pgp -kxa userid keyfile [keyring] To view the contents of your public key ring: pgp -kv[v] [userid] [keyring] To view the keys in the keyring with the signatures: pgp -kvv [userid] [keyring] To view the "fingerprint" of a public key, to help verify it over the telephone with its owner: pgp -kvc [userid] [keyring] To view the contents and check the certifying signatures of your public key ring: pgp -kc [userid] [keyring] To edit the userid or pass phrase for your secret key: pgp -ke userid [keyring] To edit the trust parameters for a public key: pgp -ke userid [keyring] To remove a key or just a userid from your public key ring: pgp -kr userid [keyring] To sign and certify someone else's public key on your public key ring: pgp -ks her_userid [-u your_userid] [keyring] To remove selected signatures from a userid on a keyring: pgp -krs userid [keyring] To permanently revoke your own key, issuing a key compromise certificate: pgp -kd your_userid To disable or reenable a public key on your own public key ring: pgp -kd userid - --- Esoteric commands: To decrypt a message and leave the signature on it intact: pgp -d ciphertextfile To create a signature certificate that is detached from the document: pgp -sb textfile [-u your_userid] To detach a signature certificate from a signed message: pgp -b ciphertextfile - --- Command options that can be used in combination with other command options (sometimes even spelling interesting words!): To produce a ciphertext file in Ascii radix-64 format, just add the - -a option when encrypting or signing a message or extracting a key: pgp -sea textfile her_userid or: pgp -kxa userid keyfile [keyring] To wipe out the plaintext file after producing the ciphertext file, just add the -w (wipe) option when encrypting or signing a message: pgp -sew message.txt her_userid To specify that a plaintext file contains ASCII text, not binary, and should be converted to recipient's local text line conventions, add the -t (text) option to other options: pgp -seat message.txt her_userid To view the decrypted plaintext output on your screen (like the Unix-style "more" command), without writing it to a file, use the -m (more) option while decrypting: pgp -m ciphertextfile To specify that the recipient's decrypted plaintext will be shown ONLY on her screen and cannot be saved to disk, add the -m option: pgp -steam message.txt her_userid To recover the original plaintext filename while decrypting, add the -p option: pgp -p ciphertextfile To use a Unix-style filter mode, reading from standard input and writing to standard output, add the -f option: pgp -feast her_userid outputfile Further Information ------------------- All of the following FAQ's and sites have much more additional information not covered here, URL's, book references, ftp-sites etc.. Check 'em out... Where to get the latest PGP (Pretty Good Privacy) FAQ; by Peter Herngaard <pethern(at)datashopper.dk>: ftp://ftp.csn.net/mpj/getpgp.asc The Beginners Guide to Pretty Good Privacy; by Bill Morton <wjmorton(at)nbnet.nb.ca>: http://www.clark.net/pub/rothman/pgpbg11.asc The comp.security.pgp FAQ (the "official" PGP FAQ): http://www.pgp.net/pgpnet/pgp-faq/ The International PGP FAQ (for version 2.6.3i); by Stale Schumacher <staalesc(at)ifi.uio.no>: http://www.ifi.uio.no/pgp/FAQ.shtml or via email with (empty) message to <pgp(at)hypnotech.com>; subject: GET FAQ The Passphrase FAQ; by Randall T. Williams <ac387(at)yfu.ysu.edu>: http://www.stack.nl/~galactus/remailers/passphrase-faq.html The Diceware Passphrase Home Page http://world.std.com/~reinhold/diceware.page.html Pointers to other Cryptographic Software http://www.cs.hut.fi/ssh/crypto/software.html Usenet: alt.security.pgp Want to know more about Privacy and Civil Liberties issues? ----------------------------------------------------------- check out these organizations and web sites: ** Electronic Privacy Information Center (EPIC) ** http://www.epic.org/ ** Electronic Frontier Foundation (EFF) ** http://www.eff.org/ ** Center for Democracy and Technology (CDT) ** http://www.cdt.org/ ** The Voters Telecommunications Watch (VTW) ** http://www.vtw.org/ ** American Civil Liberties Union (ACLU) ** http://www.aclu.org/ ** Encryption Policy Resource Page ** http://www.crypto.com/ ** Democracy Net ** http://www.democracy.net/ ** Privacy International ** http://www.privacy.org/pi/ ** Amnesty International (AI) ** (general human rights) http://www.amnesty.org/ ==================================================================== May there be peace in this world, may all anger dissolve and may all living beings find the way to happiness... harka(at)nycmetro.com Finger or e-mail for public key [KeyID: 04174301] Fingerprint: FD E4 F8 6D C1 6A 44 F5 28 9C 40 6E B8 94 78 E8 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBM2hsfzltEBIEF0MBAQG4Gwf/W24G2sxwqVzeSIO5BBKpyWd03G1xH6Jz qhkgOWfSRJ1V+2pwCXP4TAtb+ldgjB2jxtx5rv5XGC/2KWaUgjM0mhN8OAZXPb6R Nu/WKyzt5GJTN9SDe12xVC/jtBPQuTQPENFp07tx4e2KU3PlOrn/vpvHRzFk/Dfb Ck2LBw61uEyaSP2ZFdUM2exK6lioDBaUKmSW+zJWcfFfnlgaUPQRuWCmQFJidD71 u4tHO0y5VHg4G/3yXi1vuw4iUcjFcCqyqnGCAIyFmagi281xZsUI9ZgJx6Lu82c7 tD/OwOAojFbamUK1d9ISqFA8InnT+L4kpn046FaSgrrhl4njuRcOBg== =7vIU -----END PGP SIGNATURE-----