-----BEGIN PGP SIGNED MESSAGE----- Welcome to the MacPGP2.6 (1.1.1) Distribution of June 9, 1994. If you are reading this file, you have already extracted the first auto-expanding archive. You will find that besides this README file you also have an executable file named "MacPGP2.6-Installer" and a "MacPGP2.6-Installer.asc". You will note that this folder is named "MacPGP2.6-Setup", more on this later. The ".asc" file is a detached (ASCIIified) digital signature from Jeffrey I. Schiller computed over a *MacBinarized* version of the Installer. To verify this digital signature you should: First unpack MacPGP2.6-Installer by double clicking on it. It will place the PGP executable and other relevant files in a subfolder of this folder named "MacPGP2.6 Folder". If you already have a pubring.pgp and secring.pgp file, these should be placed in the "MacPGP2.6 Folder". If you don't already have a key then the first thing you want to do is READ THE MANUAL which is included in the "doc" subfolder of the MacPGP2.6 Folder (it resides in two files, one for each volume). Assuming that you have read the manual and generated your keys (or copied in your old keyfiles) then you should incorporate the "keys.asc" file in the MacPGP2.6 Folder. This file contains the PGP keys of various PGP developers and other interesting people. My key (which you need to verify the distribution as well as this message) is included in this file. Btw. Its key fingerprint is: Type bits/keyID Date User ID pub 512/4D0C4EE1 1992/09/10 Jeffrey I. Schiller Key fingerprint = BF 26 FA 39 50 04 5C BF 80 51 E3 52 4A 16 DF 96 Now you can verify the original distribution kit digital signature (yeah!). To do this use the MacBinarize (command-B) option of MacPGP2.6 to MacBinarize the MacPGP2.6-Installer self extracting archive. You then "decrypt" the MacPGP2.6-Installer.asc file. Because this is a detached signature, PGP will ask you (in a file dialog box) to specify the original file upon which the signature was computed. Specify the MacBinarized output file from the previous step (it will be the file that ends in a ".bin"). If all goes according to plan, this signature should verify correctly. If the signature doesn't verify, then you either did something wrong *or* you have received a tampered copy. In either event you cannot be certain that you have a good copy of the distribution!!! Once you have verified the signature you can move the MacPGP2.6 Folder out from under the MacPGP2.6-Setup folder. Everything left over in the MacPGP2.6-Setup folder can be considered trash (including this message ;-). -Jeff P.S. If you want to give MacPGP2.6 to others, give them the original distribution (so they can have fun verifying signatures as well :-) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAgUBLfeSQFUFZvpNDE7hAQHlKQH/dhBbckLrAtkZXG93lNHhp2ypUQ02XSWR ZnvWNxRTgooO/jkVc3ZFSWBsn2+z3tqPuompMAQeNgjVHSOXH/KlHA== =MA3b -----END PGP SIGNATURE-----