-----BEGIN PGP SIGNED MESSAGE-----


        PGP version 2.6.3ia-multi06

1. Supports CAST5, IDEA, Blowfish, Twofish, AES, 3DES ciphers for encryption.
2. Supports MD5, SHA1, RIPEMD160 and SHA2 message digest algorithms.
3. Supports RSA keys up to 8196 bit.
4. Does not choke DSS/DH signatures and keys found in key files.
5. Supports key expiration time.
6. Allows to change "Version: " line.
7. Allows to calculate file hash.
8. Allows to hide recipients KeyID and display 64 bit KeyID.
9. Can be used everywhere in the world and outside.

===

1. PGP 2.6.3ia-multi06 is based on 2.6.3(i)a and can use IDEA, CAST5,
Blowfish, Twofish, AES128/192/256(Rijndael) and 3DES ciphers for encryption.

It is compatible with PGP 2.6 (when using IDEA),
PGP 5.x, 6.x (when using IDEA, CAST5 or 3DES),
PGP 6.5.8.ckt06 (when using IDEA, CAST5, Blowfish, Twofish, AES or 3DES),
PGP 7.x (when using IDEA, CAST5, Twofish AES or 3DES),
GnuPG 1.06 and later (when using CAST5, Blowfish, Twofish, AES or 3DES),
GnuPG 1.06 and later (when using IDEA and GnuPG have IDEA module loaded).
More about compatibility read in file compat.htm

To make PGP version that is completely free of patented
algorithms (IDEA) define DISABLE_IDEA
Disabling IDEA cipher will make it incompatible with other PGP 2.6 versions.

To change default cipher add one of following lines in file config.txt:
cipher_algo = idea
cipher_algo = cast5
cipher_algo = 3des
cipher_algo = blowfish
cipher_algo = twofish
cipher_algo = aes128
cipher_algo = aes192
cipher_algo = aes256

There is also command line options for selecting cipher:
 -ji for IDEA
 -jc for CAST5
 -jd for 3DES
 -jb for Blowfish
 -jt for Twofish
 -ja for AES128(RIJNDAEL)
 -je for AES192(RIJNDAEL)
 -jr for AES256(RIJNDAEL)

Command line option will override cipher defined in config.txt.

Cipher only needs to be selected when encrypting.
When decrypting PGP will automatically find what cipher is used.

===

2. PGP 2.6.3ia-multi06 can use MD5, SHA1, RIPEMD160 and SHA2 (SHA256/384/512)
message digest algorithms for signing. For conventional encryption and key
protection MD5 is still used. SHA2 can be only used for file (message)
signing, for key signing MD5 is still used.


It is compatible with PGP 2.6 (when using MD5),
PGP 5.x, 6.x, 7.x, GnuPG (when using MD5, SHA1 or RIPEMD160).
More about compatibility read in file compat.htm

To change default message digest algorithm add one of following lines in
file config.txt:
hash_algo = md5
hash_algo = sha1
hash_algo = ripemd160
hash_algo = sha256
hash_algo = sha384
hash_algo = sha512

There is also command line options for selecting message digest algorithm:
 -jm for MD5
 -js for SHA1
 -jp for RIPEMD160
 -ju for SHA256
 -jv for SHA384
 -jw for SHA512

Command line option will override cipher defined in config.txt.

Message digest algorithm only needs to be selected when signing.
When verifying signature  PGP will automatically find what message digest
algorithm is used.

===

3. This PGP version also supports RSA keys up to 8196 bit.
16 bit DOS versions built with MSVC15 and BC3.1 supports RSA keys only up
to 4096 bits.

===

4. Unlike other PGP 2.6.x version this version will not import v4 signatures
made by newer PGP versions into it's keyring.
This means that RSA keys signed by DSS/DH keys can be imported and used.
DSS/DH keys, DSS v3 signatures and RSA v4 keys also will not be imported.

===

5. This version supports key expiration time.
It allows to set key expiration time (whe generating keys)
and shows key expiration time.
It also shows signature timetamps.

===

6. Allows to change "Version: " line.
If you don't like that it displays version "PGP 2.6.3ia-multi06"
you can put this line in the config.txt file:
version = "PGP 9.8-super"
Change it to read whatever version string you wish the program to display.

===

7. Allows to calculate file hash.
Now there are -g option that allows to calculate file hash:
pgp -g filename

===

8. Allows to hide recipients KeyID and display 64 bit KeyID.

With "+throw_keyid" option PGP does not put KeyID into encrypted packets. This
option hides the receiver of the message and makes traffic analysis harder.

to encrypt and hide KeyID:
pgp +throw_keyid -e file recipient

There is also "+random_keyid" option. It works just like "+throw_keyid" but the
KeyID is replaced with random value instead of all zeros.

to encrypt to fake random KeyID:
pgp +random_keyid -e file recipient

to decrypt such message:
pgp +random_keyid file
or
pgp +fake_keyid=1 file

There is also "+fake_keyid" option. It works just like "+throw_keyid" but the
KeyID is replaced with user selected KeyID instead of all zeros.

to encrypt to fake user selected KeyID:
pgp +fake_keyid=1234567890abcdef -e file recipient

"1234567890abcdef" is 64 bit KeyID,
it should be exacly 16 hex chars long, without "0x" prefix

to encrypt to multiple recipients:
pgp +fake_keyid=1234567890abcdef9876543210defabc -e file recipient1 recipient2

KeyID of first recipient will be replaced with "1234567890abcdef",
keyid of second recipient will be replaced with "9876543210defabc".
there should not be any separator between KeyIDs.

to decrypt such message:
pgp +fake_keyid=1 file

"1" can be any string

to decrypt such message with gpg:
gpg --try-all-secrets file


There is also I added "+long_keyid" option. When it is used pgp displays 64 bit keyids.

These options can also be used in config.txt file (without leading "+").

===

9. This version can be used everywhere in the world (well.. maybe except some
really bad countries) and outside it (orbital stations, Mars bases...)

When compiling do not define USA, even if you are in USA.
RSA patent is expired, so there is no need to use RSAREF.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia-multi06
Charset: noconv

iQEUAwUBPMP5PHgh9RDtl78/AQEDAAf3XiLZs7tqiPTPR+ppHGKaZ8hFljxELgWA
mPD8bCkEyZoBBC4H7ijmgyK0JSLLe+t7cG0cfJETqioVG8vp4JlxaBKo7Y71ck21
5wGZhj3mncSZS/Cq7ZtE8DwX6Oi6/+Sb861ZtMGNJAMkYi6H0zSLaNTbj3vUVpxf
l5ceXnDx5jSZI8l22gqspspKpb5tk4cl0wy0gWsZiHDPQsNRRlY9uUirQOrru0HX
V/e5KfA/YykvoJv20oU7ZKaLujPLw1FXbuNr8qk8TujG3dPCw9N7VmcsEaXS8r2/
EO7ie3wloKRAZ3T5dI1OdgnMKkqFbR51gflSY1QZRze5WnEx+UlO
=1rDc
-----END PGP SIGNATURE-----
