The Essential Collection

GnuPG (The GNU Privacy Guard)
GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
mozdev.org - enigmail: index
Enigmail is an extension to the mail client of Mozilla / Netscape and Mozilla Thunderbird which allows users to access the authentication and encryption features provided by GnuPG.
my GnuPG and Enigmail Tips
Tips on installing GnuPG and Enigmail. My attempt to explain that to a Windows user, not running Windows myself..
The GNU Privacy Handbook
Das GNU-Handbuch zum Schutze der Privatsphäre
Frontends - GnuPG.org
Lists of software with support for GnuPG. GUI frontends, MUA frontends, chat programs, network related, frontends for scripting, for *nix platform, for Windows platform, for Mac platform.
Oberflächen - GnuPG.org
FireGPG - use GPG easily in Firefox !
FireGPG is a Firefox extension under MPL which brings an interface to encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG.
GnuPG und EnigMail mit Thunderbird (Praxis)
Slides eines einfuehrenden Vortrags von Roland Schmalenberg, mit PgUp/PgDn blaettern oder rechts unten nach Maus-Over das ø Symbol fuer HTML-Komplettseite waehlen.
Deutsche GnuPG Anleitung / Anhang 5: Applikationen
Fuer welche Mail-Programme es welche Erweiterungen gibt.
gpg4win - EMail-Security using GnuPG for Windows
gpg4win is an installer package for Windows with computer programs and handbooks for EMail and file encryption. GnuPG, WinPT, GPA, GPGol, GPGee, Sylpheed-Claws. Einsteiger- und Durchblicker-Handbuch.
GPGshell
GPGshell is a graphical interface for GnuPG, Windows.
EudoraGPG
EudoraGPG ist ein Plugin für Eudora (Windows).
E-Mail-Verschlüsselung mit Eudora und EudoraGPG
Anleitung der Uni Koeln.
Deutsche GnuPG & PGP Anleitungen
Die GnuPG Anleitung schlechthin. Geht auch ausfuehrlich auf WinPT und GPGshell ein. Kai Raven meint in seinem Vorwort zur GnuPG Anleitung sehr richtig:
Mit der Version 3.2 der Deutschen GnuPG Anleitung, die nun schon seit vier Jahren erscheint und der Veröffentlichung von GnuPG 1.4.1 wird gleichzeitig die weitere Pflege der Deutschen PGP Anleitung eingestellt.
Ich denke, GnuPG hat mittlerweile einen ausreichenden Reifeprozess durchgemacht, so breite Verwendung gefunden und durch die Integration in zahlreiche E-Mail und Instant Messaging Programme, genauso wie durch die grafischen Benutzeroberflächen so viel an Benutzerfreundlichkeit gewonnen, dass es für keinen Nutzer des Internets mehr nötig ist, PGP einzusetzen.
E-Mail Sicherheit mit GnuPG und PGP
Anleitungen und Links der Uni Koeln.
Die Crypto-CD
Einstieg, Programme und Vertiefung.
GPG Signing: Traditional vs. PGP/Mime
gpg - converting from pgp
Moving from PGP to GnuPG - or - Arghhh! How do I switch to GnuPG when I (and my friends) already use PGP?
Replacing PGP 2.x with GnuPG
Describes how to communicate with people still using old versions of PGP 2.x, GnuPG can be used as a nearly complete replacement for PGP 2.x.
GnuPG mini HOWTO
Quite old but basics still apply, available in English, Dutch, German and Spanish and in different formats.
g10 Code
The GnuPG Experts.
Project Ägypten (Free Software Sphinx-Clients)
The Sphinx project launched by German authorities aims to improve secure email exchange. The projects technological base is the protocol 'TeleTrust e.V. MailTrusT Version 2'. This includes the standards S/MIME, X.509v3 and others.
The Free Software companies Intevation, g10 Code and Klarälvdalens Datakonsult AB are contracted by the German 'Bundesamt für Sicherheit in der Informationstechnik (BSI)' to incorporate the Sphinx protocols into Free Software MUAs. Background is to ensure availability of alternatives to proprietary desktops.
Project Ägypten2: Improving Free Software Sphinx-Clients
Ägypten2 is a successor project of Ägypten1, but with its own technical aims, primarily addressing a better GUI and some more functionality such as OCSP. The Ägypten2 project has the same structural and organisational frame as Ägypten1, started December 1st 2003 and finished in November 2004.
The International PGP Home Page
The purpose of the International PGP Home Page is to promote the use of PGP worldwide, and to be a resource pool for information on the PGP program and the OpenPGP standard.
/pub/mitarb/lutz/crypt/software/pgp/pgp263in directory
A special PGP v2.6.3 international version from 1997 with features added for certification purposes (ENCRyption and SIGNature keys, expiry of keys, revocations of own certificates from other's public keys, etc.). It is fully compatible and interoperable with all prior versions of PGP 2.6.x. It is also the only reliable version available for plain old DOS, look out for pgp263in001007.dosprotectedmode.zip* files.
Lutz Donnerhacke's gesammelte Texte zu Pretty Good Privacy
PGP? GPG?
Another link-list with short desriptions of tools and plugins around GnuPG/PGP.
Adrian von Bidder's gpg pages
With special interest subkeys mini-HOWTO (even if that's outdated).
Websites about PGP and encryption
 
Outdated:
Das GNU Privacy Projekt (GnuPP)
Als Partner der Aktion "Sicherheit im Internet" des Bundesministeriums für Wirtschaft und Arbeit (BMWA) und des Bundesministeriums des Innern (BMI) entwickel[te]n Spezialisten eine frei verfügbare Verschlüsselungssoftware für jedermann.
[ed: Leider ist die Foerderung eingestellt, die in dem Paket enthaltene GnuPG Version veraltet, und sollte mit einer neuen Version ersetzt werden, was der Anwender nach der Installation selber tun muss. Mit dem neuen GnuPG 1.4.1 fuehrt das allerdings dazu, dass auch ein neueres WinPT installiert werden muss, so dass der Nutzen dieses alten Pakets fraglich wird. Das Projekt macht einen verwaisten Eindruck.]
WinPT
Windows Privacy Tray and related projects on Sourceforge. Use the new http://www.winpt.org/ site instead.
FoeBuD e.V. - PGP-Handbuch
Aeltere Anleitung basierend auf PGP 2.6.x, 5.x und GnuPG.

Keyrings

OpenPGP Public Key Server Commands
subkeys.pgp.net rotation of servers running SKS keyring software capable of handling subkeys.
Diensten: SURFnet PKI: Searching, extracting or submitting keys (minsky.surfnet.nl)
DFN-CERT: PGP-Keyserver
PGP Public Key Server Uni Mainz
OpenPGP-Keyserver (OPKS) wwwkeys.ch.pgp.net
The keyserver where pgp.cs.uu.nl retrieves keys for the statistics.
Here's a quick link to add a key to make sure your key is included in the strong set (if it does have signatures from the strong set that is). However, the keyserver connects with other keyservers, so usually that shouldn't be necessary.
Public Key Server Commands
keyserver.kjsl.com has a little different view on keys but doesn't retain photo IDs.
Info on the Replicated WWW Based PGP 5.0 Key Server System
Search form at www.de.pgp.net/wwwkeys.html, others are at, ca, ch, cz, de, dk, es, nl, uk and us.
Top Level page for www.pgp.net
German mirror.
PGPnet choose
Let the server guess a mirror near to you.
Do NOT use MIT PGP Key Server
This server uses old software and is a bit dumb, it doesn't understand multiple subkeys or subkeys with multiple signatures and treats them as errors, throwing away the elements and effectively crippling keys. I strongly suggest you use a different server.
David Ross -- PGP Public Key Servers
List of key servers with annotations.
RedIRIS - PGP Keyserver Synchronization Graph

Keysigning

The Keysigning Party HOWTO
Introduction to keysigning parties by V. Alex Brennen.
Efficient Group Key Signing Method
Speedup of fingerprint verification step in large keysigning parties.
Keysigning Party Methods - The 'Ad Hoc' Method
The 'Ad-Hoc' method (which is basically a fancy shmancy way of saying "the standard way keysignings have always been done!") is best suited to small groups since it can quickly become chaotic with large numbers of people and does not scale well. However, it requires little or no planning so is very easy with small groups.
Keysigning Party Methods - The 'Sassaman-Efficient' Method
The 'Sassaman-Efficient' method is based on a proposal by Len Sassaman to efficiently manage large keysigning events. It is well suited to large groups. There is also a modified version known as the 'Sassaman-Projected' method.
Keysigning Party Methods - The 'Sassaman-Projected' Method
The 'Sassaman-Projected' method is a modified version of the 'Sassaman-Efficient' method and is well suited to large groups.
The principle difference is that instead of having a folded back line of participants when it comes time to check IDs, a document projector is used to display the ID of each person in turn so that every other participant can clearly see it at the same time. Each participant's ID is therefore examined by everyone else present simultaneously, instead of by each in turn, and the event duration scales linearly with number of participants.
pgp Key Signing Observations: Overlooked Social and Technical Considerations - The Community's Center for Security
Social Implications of Keysigning
Debian -- Keysigning
PGP Tools
PGP Tools is a collection for all kinds of pgp related things, including signing scripts, party preparation scripts etc. The caff (CA - Fire and Forget) script is a successor of CA-Bot, much easier in handling.
CA-Bot
Precessor of caff of the PGP Tools (see above). CABot is a set of scripts that help managing some parts of a PGP keysigning process. It sends encrypted challenges to UIDs of an OpenPGP key, analyzes the replies and assists the key owner in signing them.
PGP Key Signing Party Keyserver
pgp-kspkeyserver scripts, used at FOSDEM'09 keysigning
Savannah: Project Info - keylookup
dtype.org - keyanalyze
Analysis of a large OpenPGP ring
DFN-PCA: Policy Certification Authority des Deutschen Forschungs Netzes e.V. (DFN)
CAcert.org
Free digital certificates!
Biglumber - key signing coordination
PGP: Graphing The Trust
sig2dot GPG/PGP Keyring Graph Generator
sig2dot.pl can be used to generate a graph of all of the signature relationships in a GPG/PGP keyring, like those resulting from keysigning parties, or the Debian Keyring (of all Debian developers). It converts the output of "gpg --list-sigs" to a .dot file, which is a graph definition that can be rendered by springgraph or graphviz.
GPG/PGP Signature Path Tracing
sigtrace.pl traces a signature path through a keyring.
Mutt GPG Signature Tracing
mutt-sigtrace is a wrapper for sigtrace to display signature paths from you to the key which signed an email, automatically, in mutt.
Wotsap
Web of trust statistics and pathfinder, group matrix generator and key lister.
Did you know that the strong set of keys, those where all keys are connected by their signatures, forms a leaf in a graphical representation? The Leaf of Trust.
PGP pathfinder and key statistics
The statistics and the trustpath form on top of this page link to it.

misc

Key management using a USB key
Mail thread on the Debian devel list.
manage-keys
udev keyloader: script for loading ssh/gpg keys off of usb media.
Gnu Privacy Guard Agent (GPG) (debian-administration.org)
How to setup the passphrase agent for GnuPG that saves you from having to type in your passhphrase a gazillion times per day.
Freies & sicheres IM mit Jabber & OpenPGP - Inhalt
gnupg - Plugin for transparent editing of gpg encrypted files. : vim online
freenigma gmbh
freenigma adds privacy technology (with strong e-mail encryption) to your favourite webmail service.
The Strong Distribution HOWTO
g10 Code - Products - Card
The OpenPGP Card is a specification of an ISO 7816-4,-8 compatible smartcard and also an actually available implementation of this specification as a standard sized card.
kc-Shop
kernel concepts SmartCard products.
GnuPG SmartcardHOWTO
GnuPG supports the use of smartcards. This HOWTO explains how to install and work with these cards.
Fun things you can do with a PGP/GnuPG key
Validome valid HTML 4.01! W3C valid HTML 4.01! Home ../../bookmarks