Computing

1) Get GPG binary from www.gnupg.org -download gnupg-w32cli-1.4.3.exe (latest version of GPG as of 6/12/06)

2) Validate signature of downloaded file using “sha1sum.exe” program (“sha1sum.exe” is downloadable from the www.gnupg.org Web site as well; is command-line tool to show digital signatures of files)

3) Install GPG by double-clicking on it

4) Some decent instructions can now by found in the GPG documents, particularly GnuPG.readme, and GnuPG.readme.Windows. You should read these documents.

5) Generate your own keys and keyring

 gpg --gen-key`</code>`
At this time, you will be prompted to create a password for your use in encrypting and decrypting files.  It will prompt you for a userid, comment, and email address...

6) Create a Public Key for sharing with others. 
A person can readily share this public key by exporting it to an ASCII file--
`<code>`
 gpg --export -a -o [[filename.asc]] [userid]  `</code>`
(where userid might be your own userid, or in this case, typically your Windows account name. The output filename would be [[filename]].asc and is an ASCII format file that contains your public key). It is a good convention to use the filename extension of "asc" to indicate it is an ASCII (plain text) file.`<br>`
`<br>`
A public key in ASCII format (Which might be named "jones.asc" if your account name is "jones") looks something like this:

`<code>`
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v1.4.3 (MingW32)
 3IP1ihLtj5WN1wyDYzEuXka2BmAAsxUdWD83rxryp6kWgMaeNl7LdwoCDdhG2mc4
 j2HoF/tlK8HJm4NFJeKO1+szd26tNNrttrertetetewZ9AeqCxOMjA1Nqe+6oytwCgs9hM
 ZJ7e3yaqpAUiq5Wobp1nevsD/3PbayZLswite79HYq44kca0KkSdu4xX3eidCVSMVD
 klxixR9WgtO1BBht0iwJYJ9altKVpG5rte9esENFQcjUEGIIodrj+T4/CQb55wTA
 pzbnIdkwQC4kXaGP0yESODMrJ+/yHetswtKVb3pPG7B/z62vPvYR1t56DmIvQUIHa
 /hAA/95CkfskWQqp7HJPRnmZgEfertTixv62Mnpvj0WN1NhJ6wlTMACWAtW3H69Rdu
 KyqlIsN9gf6KjFI6LK5c3sFZm/h0NrtVvfRzMhCXaXfwH2V7zG6774^%zAkTAglSJ/ROz
 WLTvjFKhssUfFYi3BLTUNjvKUwE0mmyC4/lWpdqqvuXaDCA+yFfxvMWAKAuyW2hcK
 OmR5110umgfds13AfUA4CqUlp0ofLAWQkZ/ayyPeNWByzcmJ97rbZBrwiFD3rlk6b/4O
 kMZIY4hJBBgRAgAJBQJEjePdAhsMAAoJECyfSj2OwCxsbaAAn021bE16y0kyupnO
 sUISZcZ6E4l1AdsgJ9l4/AU3NlUFvrWtjJfeuyaHU8yTA =====
# NzDLg
 -----END PGP PUBLIC KEY BLOCK-----`</code>`

7) Import the keys of other people whom you trust.  You must get their public-key (see step 6) for this. 

Once someone has given you their GPG Public key, you must import it to your keyring:
`<code>`
 gpg --import [[filename]]`</code>`
where [[filename]] might be something like "jones.asc"

8) Get general help with gpg options and usage
`<code>`
 gpg --help`</code>`

9) Digitally sign a file
`<code>`
 gpg -s [[filename]]`</code>`
Creates a GPG digitally-signed copy of that file, called [[filename]].gpg


  * To encode the file in ASCII format for attachment to email, use
`<code>`
 gpg -sa [[filename]]`</code>`
Which creates a GPG digitally-signed copy of that file in ASCII format, called [[Filename]].asc

10) Verifying a digitally signed file
If you get a GPG digitally-signed file, and want to verify who it is from--
`<code>`
 gpg --verify [[filename]]`</code>`

11) Encrypt and sign a file
In order to both sign a file, and encrypt it so that only specified other users (for whom you have their public key) can decrypt it---
`<code>`
 gpg -er   [[recipients]] [filename]`</code>`
creates a file called [[filename]].gpg that is encrypted, and can be decrypted only by the person (recipient) whom you encrypted it for
`<code>`
 gpg -ers [[recipient]] [filename]`</code>`
does the same as above, but also digitally signs it with your signature.

12) Decrypt a file
If someone sends you an encrypted file, intended for decryption by you--
`<code>`
 gpg -o -d [[decrypted-filename]] [encrypted-filename]`</code>`
where the [[encrypted-filename]] typically has a ".gpg" extension
Long format:
`<code>`
 gpg --output [[decrypted|-filename]] --decrypt [[encrypted-filename]] `</code>`

13. Seeing whose public keys are on your own keyring
`<code>`
 gpg --list-keys     (to see just the keys)`</code>`

14. How to assign levels of trust to keys in your keyring

TBD

15. Migrating your keys to another machine and/or operating system

TBD