-----BEGIN PGP SIGNED MESSAGE----- Ok, version 0.84 didn't work properly on Linux, so I'm now releasing a version 0.84a with fixes to make it compile. US users can get the sources from from ftp.c2.org:/pub/privtool/privtool-0.84a.tar.gz, or in Europe at ftp.ox.ac.uk:/pub/crypto/pgp/utils/privtool-0.84a.tar.gz. It will also be available soon on ftp.dsi.unimi.it. US ITAR laws may make it a crime to export Privtool, so if (like me) you're not in the US then get it from the European sites. In addition the documentation is available on the WWW at http://www.c2.org/~mark/privtool/privtool.html. Mark Privtool Beta Release @(#)README.1ST 1.16 7/12/95 ----------------------------------------------------- Privtool ("Privacy Tool") is intended to be a PGP-aware replacement for the standard Sun Workstation mailtool program, with a similar user interface and automagick support for PGP-signing and PGP-encryption. Just to make things clear, I have written this program from scratch, it is *not* a modified mailtool (and I'd hope that the Sun program code is much cleaner than mine 8-) !). When the program starts up, it displays a list of messages in your mailbox, along with flags to indicate whether messages are signed or encrypted, and if they have had their signatures verified or have been decrypted. When you double click on a message, it will be decrypted (requesting your passphrase if neccesary), and/or will have the signature checked, and the decrypted message will be displayed in the top part of the display window, with signature information in the bottom part. The mail header is not displayed, but can be read by pressing the 'Header' button to display the header window. In addition, the program has support for encrypted mailing list feeds, and if the decrypted message includes another standard-format message it will replace the original message and be fed back into the display processing chain. When composing a message or replying to one, the compose window has several check-boxes, including one for signature, and one for encryption. If these are selected, then the message will be automatically encrypted and/or signed (requesting your passphrase when neccesary) before it is sent. You may also select a 'Remail' box, which will use the Mixmaster anonymous remailer client program to send the message through one or more remailers. Being an Beta release, there are a number of bugs and nonfeatures : Known Bugs : Message list scrollbar often set to stupid position when loading a mail file. When you save changes to the mail file, it throws away the signature verification and decrypted messages, so that the next time you view a message it has to be verified or decrypted again. 'New mail' indicator in icon does not go away if you open the window and close it again without reading any messages. Known Nonfeatures : Currently if you send encrypted mail to multiple recipients, all must have valid encrpytion keys otherwise you will have to send the message decrypted. Also, the message will be sent encrypted to all users, not just the one who is receiving each copy. 'Add Key' button is enabled and disabled as appropriate, but does not do anything ! A number of other buttons and menu items do not work either. Passphrase is stored in ASCII rather than MD5 form, making it easier for hackers to find if you're on a multi-user machine (of course, you shouldn't be, but many of us are). Kill-by-subject does not work. Ignores Reply-To: lines, and could probably do with an improved mail-reading algorithm. Only one display window, and only one compose window. Code should be more modular to assist with ports to Xt, Motif, Mac, Windows, etc. Not very well documented ! Encrypted messages are saved to mail files in encrypted form. There is currently no option to save messages in decrypted form. No support for anonymous return addresses. Not very well tested on Solaris 2.x, or Linux. Major changes for 0.84: Added 'Forward' option to 'Compose' button. Support for Mixmaster and multiple pseudonyms. Due to a bug in the current version of Mixmaster, note that messages have to be saved to a temporary file for mailing. Fixed file descriptor leak in pgplib.c which could make the program hang occasionally when saving changes. Added support for 'smallring.pgp' to speed up access to commonly used public keys. This version is thought to work on Linux, however I haven't been able to test that myself. Changes supplied by David Summers (david@actsn.fay.ar.us). Changes for 0.84a: Linux testing showed up some problems with 0.84. This has been solved by using Rich Salz's parsedate() function to parse the dates on mail messages. This is now supplied in a linux subdirectory, and appropriate changes made to the Makfile to allow it to compile correctly on Linux. Changes supplied by David Summers (david@actsn.fay.ar.us). Fixed another hang by deleting the lock file if we failed to open the mail file while saving a message. Privtool can be compiled to either use PGPTools, or to fork off a copy of PGP whenever it is needed. There are also a number of different security level options for the passphrase, varying from 'read it from PGPPASS and keep it in memory' to 'request it every time and delete it as soon as possible', via 'request it when neccesary and delete it if it's not used for a while'. See the README file for information on compiling the code, and the user.doc file for user documentation (the little that currently exists). You should also ensure that you read the security concerns section in user.doc before using the program. Mark Grant (mark@unicorn.com) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQEVAgUBMAPq5lVvaTo9kEQVAQG48gf9EXXCBm42agXpfJP1ePuI5zbDujtaWhGb khAPRrlPJJ5QeZp3wz0DMDjhvSJjz2dlyxYj5u61kgbfybhxr2lAzwYL4k89A/B+ aHSggEMpKYwosd9FZEZ30pG1ufYeEI0eJw0hHuZzIIbGzTy3x+IfVY9h41F+ewkV fbAtw5jwZKI43cil0cds3DFLHYOhiuWUU72KUCHABgvQfLPBYCJ4F3nW64GduxtA idjHrcfe3ZJNLJEQ1VsHbqbAgND2jzB/8C84kw9Nb9wgd+zTdgnnJPWidpqHZqe2 ymBX1JD675WrKORnZlTI28haIcajPnLp5nXy2Ycs+/5RMuW/AVlYhg== =4M+l -----END PGP SIGNATURE-----