Thank you for using Network Associates' products.
This What's New file contains important
information regarding PGP Desktop Security.
Network Associates strongly recommends that you
read this entire document.
Network Associates welcomes your comments and
suggestions. Please use the information provided
in this file to contact us.
Warning: Export of this software may be restricted
by the U.S. Government.
WHAT'S IN THIS FILE
FIXES IN THIS RELEASE
NEW FEATURES
- PGPnet
PGPnet is a landmark product in the
history of PGP. PGPnet secures all TCP/IP
communications between itself and any other
machine running PGPnet. It is also highly
interoperable with the Gauntlet VPN
firewall/gateway product family providing
a complete solution for corporate remote
access VPNs using the industry standard
IPSec (Internet Protocol Security) and IKE
(Internet Key Exchange) protocols. PGPnet has
been successfully tested with Cisco routers
(requires Cisco IOS 12.0(4) or later with
IPSec TripleDES), Linux FreeS/WAN, and many
others. PGPnet is also the first IPSec product
to fully support the use of OpenPGP keys for
authentication in addition to X.509 certificates.
- Self-Decrypting Archives
You may now encrypt
files or folders into Self-Decrypting Archives
(SDAs) which can be used by users who do not even
have PGP. The archives are completely independent
of any application, compressed and protected by
PGP's strong cryptography.
- X.509 Certificate and CA Support
PGP is now
able to interoperate with the X.509 certificate
format. This is the format used by most web
browsers for securing the transfer of information.
PGP supports the automated request of certificates from
Network Associates' Net Tools PKI, VeriSign's
OnSite, and Entrust certificate authorities.
X.509 certificates are analogous to a PGP
signature, so you can even request X.509
certificates on your existing PGP key. This
feature can also be used to interoperate with
existing VPN solutions based on X.509.
- Integrated PGP Command Line
This version
incorporates the popular command line version of
PGP for Windows platforms. This product provides
you a convenient way to integrate PGP with
other Windows applications and automated processes
on your desktop system. Please note that this
is intended for single user/workstation use. For
use on servers, customers are required to purchase
the PGP e-Business Server product. Please contact
your local Network Associates Sales representative
for more information.
- Automated Freespace Wiping
PGP's Freespace Wipe
feature now allows you to use the Windows Task
Scheduler to schedule periodic secure wiping
of the free space on your disk.
- Hotkeys
The Use Current Window feature has been
significantly enhanced by the addition of Hotkeys.
By using a configured key combination, the
Encrypt/Decrypt/Sign functions can be automatically
invoked without using PGPtray. This feature is very
useful for users using messaging applications that
PGP does not currently have a plug-in for, such
as Netscape Messenger.
- Fingerprint Word List
When verifying a PGP public
key fingerprint, you can now choose to view the
fingerprint as a word list instead of hexadecimal
characters. The word list in the fingerprint text
box is made up of special authentication words that
PGP uses and are carefully selected to be
phonetically distinct and easy to understand
without phonetic ambiguity.
- Support for Outlook 2000 and Outlook Express 5.0
This version of PGP adds support for sending and
receiving encrypted email in Microsoft Outlook 2000
and Outlook Express 5.0.
- HTTP Proxy Support
If you are behind a corporate
firewall with an HTTP proxy server, PGP now
supports accessing HTTP keyservers through the
proxy. To use this feature, you must configure
the proxy server address in your Internet Explorer
preferences.
- Smart Word Wrapping
The word wrapping in PGP now
automatically rewraps paragraphs and even quoted
paragraphs resulting in much cleaner signed
messages.
PGP enhancements
- Support for Windows 2000 operating systems.
This
release of PGP introduces support for Microsoft's
latest releases of Windows. All PGP functionality is
available in Windows 2000 except PGPnet. PGPnet will
support Windows 2000 in future releases of PGP.
- Lotus Notes plug-in integrated.
PGP now includes an
integrated plug-in for Lotus Notes 4.5x - 4.6x
clients. This feature extends PGP's strong
encryption and authentication services to Lotus
Notes users.
- Support for Novell GroupWise via new plug-in.
This
release of PGP marks the introduction of support for
Novell GroupWise 5.2.3, 5.2.4, and 5.5.x via
a new plug-in. This plug-in further extends PGP's
broad messaging platform coverage to another
critical platform used in many enterprises today.
- Windows 2000 IPSec interoperability.
PGPnet
running on non-Windows 2000 systems can establish
VPN connections with the built-in Windows 2000
IPSec client. (The Windows 2000 system must be
running the Windows 2000 High Encryption Pack.)
- New PGP Notes Plug-in Server Wizard.
If you have
installed the PGP Lotus Notes plug-in on your Lotus
Notes clients, you can run the PGP Notes Plug-in
Server Utility to easily configure the appropriate
Domino server(s). The PGP Notes Plug-in Server
Utility enables you to configure the Domino server(s)
for PGP Lotus Notes plug-in usage and configure
individual user(s) databases so they can take
advantage of this new PGP plug-in.
- Intel Pentium III Random Number Generator (RNG)
support.
If your computer is equipped with the
Intel RNG, PGP will use the random data generated by
the chip in addition to our own entropy collection
whenever random data is needed for key generation
and encryption. The Intel RNG is currently only
available with select Pentium III chipsets,
including the Intel 810 chipset.
- Automatic email plug-in pre-selection.
PGP will now
automatically pre-select email plug-ins to install on
your system based on what messaging applications
are installed. Nevertheless, you are still
able to change the selected plug-ins at install time.
DOCUMENTATION
Also included with this release are the following
manuals, which can be viewed on-line as well as printed:
- Introduction to Cryptography
- PGP Administrator's Guide
- PGP Installation Guide
- PGP User's Guide
- PGP Command Line User's Guide
Each document is saved in Adobe Acrobat Portable
Document Format (.PDF). You can view and print these
documents with Adobe's Acrobat Reader. PDF files
can include hypertext links and other navigation
features to assist you in finding answers to
questions about your Network Associates product.
To download Adobe Acrobat Reader from the World
Wide Web, visit
Adobe's Web site.
This release also includes integrated online help
in Microsoft Windows Help format:
- PGP online help
- PGPdisk online help
- PGPnet online help
Documentation feedback is welcome. Send e-mail to
tns_documentation@nai.com.
SYSTEM REQUIREMENTS
To install PGP on a Windows 95, 98, 2000, or NT system,
you must have:
- Windows 95, 98, 2000, or NT 4.0 with Service Pack 3/4/5
- 32 MB RAM
- 16 MB hard disk space for the Client install
If you plan to run PGPnet on the system, you must
also have:
- Microsoft TCP/IP
- A compatible LAN/WAN network adapter
Note: PGPnet functionality is not available for
users of Windows 95a (the original release of
Windows 95) or Windows 2000. PGPnet supports Windows 95b (OSR2),
Windows 98 and Windows NT 4.0.
KNOWN ISSUES
PGP issues
- Mismatching your keyring files can result in
data loss. Your public keyring file and private
keyring file must be kept in sync. If, for
instance, you select a public keyring file that
does not contain the public portion of your
private key and do not also change the private
keyring to the corresponding file, you and
others will not be able to encrypt to exported
versions of your key after that time. In most
cases, simply updating your key from a public
copy on a keyserver will fix this. However, it
is recommended that the keyring files always be
kept in sync. A future version is expected
to correct this issue.
- Using a Split Key as a public key for PGPdisk
will not allow reconstitution of the key through
the usual dialog provided for reconstituting
split keys. To use such a key to open a PGPdisk,
you must first rejoin the key in PGPkeys.
- Some PGP Versions 6.0 and later features are
incompatible with previous versions of PGP, so
we feature a "compatible" export format that
strips incompatible features such as Photo IDs
and X.509 certificates from keys. Selecting
"Include 6.X Extensions" in the Export dialog
enables these features to be exported. By
default, we export in compatible mode. You
may change the default in the Advanced
preferences dialog. When sending a key to a
PGP Certificate Server Version 2.0 or above,
Photo IDs always accompany the key. The default
LDAP server in PGP 6.x supports this.
- Sometimes, after a PGPdisk volume is unmounted
and placed in the Recycle Bin and the Bin is
emptied, Windows reports that the drive letter
associated with the PGPdisk volume is no longer
accessible. This behavior should cease after
the system is rebooted. This will not interfere
with the normal operation of your system.
- On Windows 95/98, the Free Space Wiper will
reset every time another program writes to your
disk while the wiping process is in progress.
This is similar to defragmentation programs,
and is required by the Operating System. For
optimal wiping, make sure to close all open
applications. On some systems with very low
amounts of RAM, it may be advisable to also
shutdown Windows Explorer.
- The Windows Explorer provides PGP with
information only about the target of a shortcut
and not the shortcut itself. If you use the
Wipe feature in the Explorer, the shortcut
itself will not be wiped. The actual target
will be wiped. When using PGPtools, the shortcut
will also be wiped.
- Hotkeys are for use with applications that
support general text editing. Using Hotkeys
with some applications may result in
unpredictable behavior.
- Hard disk utilities (such as ScanDisk) or
programs that monitor the hard disk will not run
on a drive on which a PGPdisk volume is mounted.
This is to insure that the PGPdisk volume does
not become corrupted. To use your hard disk
utilities, unmount all PGPdisk volumes on the
drive on which you wish to use the utilities.
- PGPdisk volumes accessed using an Additional
Decryption Key open with permissions set as
follows: FAT volumes open with permissions
set to read-only; NTFS volumes open with
permissions set to read/write.
- (Windows 2000 only) To support Windows 2000's
Hibernation mode, PGPdisk's Inactivity Timeout
feature is disabled on Windows 2000.
- (Windows 98 only) If you create a PGPdisk which
you plan to immediately copy to a different
drive, we recommend that you reboot before you
copy to make sure everything is written correctly.
This is only a potential issue just after
the creation of the PGPdisk, and is due to a
Windows 98 disk caching bug.
- The PGP Exchange/Outlook plug-in does not support
Microsoft Word as an e-mail editor.
- We strongly recommend that VirusScan users
upgrade to VirusScan Version 4.0.3 or later to
take advantage of the newest virus DAT file
update features.
- (Lotus Notes only) When encrypting a message
using conventional encryption, the "Enter
Passphrase" dialog box appears multiple times.
- (Lotus Notes only) Encrypt and Sign functions
do not appear in the Lotus Notes "Actions"
menu, but Decrypt and Verify do appear. The
Encrypt and Sign buttons appear in the upper
right side of the message and not in the toolbar.
- (GroupWise only) The GroupWise plug-in does not
support PGP's Secure Viewer feature, nor the
Synchronize With Servers feature.
PGPnet issues
- Do not attempt to manually uninstall PGPnet.
It is very important that you use the PGP
Uninstaller to remove PGPnet. PGPnet makes
extensive modifications to the registry and
changes the bindings on network adapters.
The PGP Uninstaller can be accessed via the
Add/Remove Programs control panel.
- (Windows NT only) As a precautionary measure, in the unusual
event that there is an incompatibility between
your network card driver and PGPnet, you can
create a "No Networking" hardware profile
prior to installing PGPnet on your system.
The "No Networking" hardware profile can be
used later if an incompatibility occurs.
To create a "No Networking" hardware profile,
right click on "My Computer," select Properties,
and then select the Hardware Profiles tab. Use
the Copy button to create a copy of the Original
Configuration. Get Properties on your copied
configuration and click the Network tab.
Finally, select the "Network-disabled hardware
profile" checkbox. Click OK to both windows
and then you are done. (Due to a Windows bug
we recommend that you restart once and
double-check that the "No Networking"
configuration is working before you
install PGPnet.)
- (Windows 95 only) You may experience a loss of networking after
resuming from standby mode. You must reboot
your machine to resume network activity.
- PGPnet is not compatible with the Intel
EtherExpress 16 driver.
- Installing virtual private network software
such as PGPnet on the same machine as a firewall
or another VPN client is highly likely to cause
problems. We recommend uninstalling the other
product prior to installing or choosing not to
install PGPnet on such a machine.
- You cannot use the default MSN dialer to
connect to MSN if PGPnet is installed.
To connect to MSN with PGPnet, use the Microsoft
Dial-Up Networking client.
ADDITIONAL INFORMATION
PGP 6.5.8 includes support for both RSA and
Diffie-Hellman key types.
CONTACTING NETWORK ASSOCIATES
For questions, orders, problems, or comments
Contact the Network Associates Customer Service department
between 8:00 a.m. and 8:00 p.m. Central Time, Monday
through Friday, at:
Network Associates Customer Service
4099 McEwen Road, Suite 500
Dallas, Texas 75244
Phone: (972) 308-9960
Email: cust_care@nai.com
World Wide Web:http://support.nai.com
Contact Network Associates Customer Service for
information about technical support
subscription plans.
For corporate-licensed customers:
Phone: (972) 308-9960
For retail-licensed customers:
Phone: (972) 855-7044
To provide the answers you need quickly and efficiently, the Network Associates
technical support staff needs some information about your computer and
your software. Please have this information ready when you call:
-
Program name and version number
-
Computer brand and model
-
Any additional hardware or peripherals connected to your computer
-
Operating system type and version numbers
-
Network name, operating system, and version
-
Network card installed, where applicable
-
Modem manufacturer, model, and speed, where applicable
-
Relevant browsers or applications and their version numbers, where applicable
-
How to reproduce your problem: when it occurs, whether you can reproduce
it regularly, and under what conditions
-
Information needed to contact you by voice, fax, or email
We also seek and appreciate general feedback.
For product upgrades
Network Associates has a worldwide range of
partnerships and reseller relationships with
hundreds of independent vendors, each of which
can provide you with consulting services, sales
advice, and product support for Network
Associates software. For assistance in locating a
local reseller, you can contact Network
Associates Customer Service at (972)
308-9960.
For reporting problems
Network Associates prides itself on delivering a high-quality product.
If you find any problems, please take a moment to review the contents of
this file. If the problem you've encountered is documented, there is no
need to report the problem to Network Associates.
If you find any feature that does not appear to function properly on
your system, or if you believe an application would benefit greatly from
enhancement, please contact Network Associates with your suggestions or
concerns.
For on-site training information
Contact Network Associates Customer Service at (800) 338-8754.
|
|