PGP Keys

You know I have had a PGP key for over 5 years, and it finally expired on me. I haven't used it much other than file encryption because there hasn't been a clean way to integrate it into mail. When I was using Netscape mail under Linux there was no easy way. Eventually Seahorse came out for Gnome and was a nice interface for GnuPG to atleast keep me off the CLI. Lately with my development being on XP I have been forced to use Outlook Express, and Zim's new PGP 8.0 will not work with OE 6... which really pisses me off. I have had to use gpg through cygwin to get anything done.

Recently with my communications with the National Research Council (NRC) and the Communications Security Establishment (CSE) I have had to revert in using PGP encryption again for both documentation and communications. Kind of refreshing actually... since X509 certs seem to dumb down peoples thinking that an documents attached which are signed and encrypted will be secure once they "save to disk"... which isn't the case at all. Anyways, I got to a point I was curious to see if any conduits existed (glorified MUA plugins) and sure enough... I found one for GPG and OE.

The fellows over at WinPT have written the GPGOE plugin for that specific purpose. And its works pretty well. There is a conflict issue in that you can not digitally sign with X509 certs when the GPGOE DLL is running... but thats easy to turn off so you get the best of both worlds. I had a problem when digitally signing an attachment, and I will need to check out what happened to see if it may be an issue with my keyring or not.

With the new company started, and my old key expired I decided to generate a new 2048 bit key yesterday. If you would like my new GPG/PGP key, you can get it here.

With that said, I need to go take care of getting some documents to Ottawa. I'm outta here. L8r.