-----BEGIN PGP SIGNED MESSAGE-----

This is the C-KT build of pgp, it is based on the v5.5.3 source code
released by pgpi.com.

*************************************************************
*           FEATURES IN THIS BUILD - 5 JULY 1998
*************************************************************
*  1) Support for RSA keys up to 16384 bits.
*  2) Support for DH Keys up to 8192 bits.
*  3) User selectable support for DSA keys up to 2048 bits.
*  4) Expanded List of key servers.
*  5) Easy one click key size selection in key size wizard dialog.
*  6) Enhanced signing key dialogs, with DS key size & Key id info
*  7) Enhanced PGPLog with key ID column.
*  8) Enhanced Decrypt Dialog with more key information.
*  9) Root Directory problem fixed.
* 10) Wipe Function fixed
* 11) Floppy disk prompt when keyring is on diskette.
*************************************************************

It has been modified to allow the use and generation of RSA keys up to
16384 bits in length.

It has also been modified to allow the use and generation of DH keys up to
8192 bits in length with DSA keys up to 2048 Bits in length.

The 2048 bits DSA key used to be supported in the PGP5.0 beta release and
was subsequently limited to 1024 bits in the final releases of pgp5.0 and
pgp5.x.x.  I must thank The owner of the cypherlist watch mailing list,
Mr. Mark Anthony Berry, for pointing this out to me, and suggesting that
the 2048 bits DSA key length capability be restored to pgp5.5.3.

How is the DSA key size determined?  The maximum DSA key size is selected
by the user in the key size wizard dialog's DSA key size group of radio
buttons, namely, the "up to 1024 bits" and the "up to 2048 bits"
radio buttons.

The DSA key size is set either to the same size as the DH key or to the
user specified maximum DSA key size, which ever is smaller.

When the DSA key size is greater than 1024 bits pgp5.5.3 uses the double
width NIST SHA-1 hash algorithm.  This algorithm is supported in all the
of the pgp5.x.x implementations.

I have added some key servers, namely, pgp.ai.mit.edu, pgp5.ai.mit.edu
(Bal's Key servers), and those of the pgp.net.

The default server in this build is: Idap://certserver.pgp.com.

I have enhanced the key size dialog which now presents to the user radio
buttons with all the supported key sizes in 1k bits increment.  So that,
selecting a key size is as simple as clicking on the desired key size
radio button.

I have enhanced the signing key dialogs, it is now wider and the combo box
shows the user ID, full key size information including the DS key size,
and the key ID.  Many Thanks to Mr. Michael Ray for proposing this change.

I have also added a KeyID column to pgplog.  I must give credit to Lincoln
Yeoh and the anonymous poster of a message in alt.security.pgp, for this 
handy enhancement to pgplog.

The KeyID column modification in this build implements a much cleaner 
patch to SigEvent.c as suggested by Lincoln Yeoh and later fixed by 
the original anonymous poster.  Many thanks to both Lincoln Yeoh and
the anonymous poster.

This build also implement the enhancements to the decrypt dialog as
suggested by the anonymous poster.  This makes the decrypt dialog box more
user friendly and informative.

1) It shows the full user ID in the first column, the key size in the
   second, and the key ID in the third.

2) It displays the key ID of any unknown private keys.  The user ID 
   will be reported as "Unknown Private Key" and the size will be 
   reported as "???"

3) It places a key pair icon to the left of the user ID.  This will 
   show whether the key is RSA or DH and whether it's active, 
   expired, revoked, or not on your secring file.  Unknown keys 
   will display a question mark icon.

Please note that for both of the above enhancement the Key ID will be
reported correctly in these two instances:-
1) if the key is an RSA key or 
2) if the key is DH/DSA and is in your key ring.
That is, if the key is a DH/DSA key, and it is not in your keyring the Key
ID of the DSA key will be reported instead of the DH key ID.

The full text of the usenet posting is available in the file pgplogmod.txt.
If you have agent you may just import this file for easy reading.

There was a problem in pgp5.5.3 which caused an un-controled proliferation
of key ring backups to occur when the key rings were stored in the root
directory.  This problem has been addressed in a safe manner in this build.

This build implements the wipe function fix as suggested by Mr. John P.
Maassen.  It ensures that file is physically flushed to disk before it
is closed and deleted.  Many thanks to Mr. John P. Maassen for this fix,
see pgplogmod.txt for details about this fix.

In this build, if the secret key ring is stored on a diskette, the user
is prompted once per program session to insert the floppy into the disk
drive, so as to prevent an endless spin of the diskette drive when the
user forgets to load it with his key ring diskette.

I have added some links in the about dialog to the Cyber-Knights Templar
home page, Marty's home page, and the Replay.com ftp site.

The build information is now reported in the about dialog.

This version of of pgp identifies itself as:-
"PGP Cyber-Knights Templar build 5.5.3ckt".

Please note that all my public keys may be found in the signatures
directory in the pgp install directory.

Please also note that the PGP Outlook Express plugin is not included in
this build.  Since the source code, as far as I know, has never been
released by NAI.

For those seeking the Outlook Express plugin, please check in this url for
the most recent version:-

ftp://ftp.replay.com/pub/replay/pub/pgp/pgp50/3rdparty/outlook/

***************************************
* About Large Keys.
***************************************

According to the Open PGP standard, and the source code for PGP5.5.3,
a PGP key can be as large as 64k bits (65536 bits) in length.  However,
certain limits have been set too low in the current releases of pgp.
Consequently, these limits may constrain and thus choke a plain vanilla
implementation of pgp when dealing with very large keys.

For more information of the Open PGP standard please refer to the
following IETF internet draft:-

http://www.ietf.org/internet-drafts/draft-ietf-openpgp-formats-05.txt

In short, it is an implementation issue, and the changes required to enable
a given implementation of PGP to handle large keys are implementation limits
which may easily be adjusted.

Therefore, please note that some versions of PGP that lack very large key
support may not be compatible with RSA keys larger than 8192 bits in length.

Also note that some versions of PGP that lack very large key support may
not be compatible with DH keys larger than 4096 bits in length.

According to tests done thus far, any pgp5.x.x implementation should be able
to handle DSA keys up to 2048 bits in length.

Also note, that very large keys in general take a long time to generate,
and that large DH keys take considerably more time to generate than RSA
keys.

In order not to confuse the user, the following changes were made to the
source code:-

In the keygen wizard's RSA key size dialog, changed caption next to the
Custom key edit text box to read :"512 - 16384 bits".

In the keygen wizard's DH/DSA key size dialog, changed caption next to the
Custom key edit text box to read :"512 - 8192 bits"."

If the RSA key size is greater than 8192 bits, a warning dialog message is
issued as follows:-
"Warning versions of PGP that lack very large key support
may not be compatible with RSA keys larger than 8192 bits.
Proceed using your specified key size?"

If the DH key size is greater than 4096 bits, a warning dialog message is
issued as follows:-
"Warning versions of PGP that lack very large key support
may not be compatible with DH keys larger than 4096 bits.
Proceed using your specified key size?"
********************************

I have built this version for my own personal use.  I can state that as far
as I am aware, there are no back-doors in this build, that the program can
generate and use RSA keys up to 16384 bits in length, DH keys up to 8192
bits in length with DSA keys up to 2048 bits in length, and that the
integrity of the program has not been compromised by my modifications.

Please note, that this is not a "Warezed" version of PGP.  And I, the
compiler of the source code, hereby declare that I do not own or claim
ownership of the binaries so produced.  It is being made available "Gratis"
to facilitate the process of satisfying the PGP users community that the
current commercial release of PGP is still secure and trustworthy. 
Therefore, it is my fervent hope, that all users of this package observe
all applicable laws with regards to copyrights, patents, and other laws
that may govern its use.

Finally, many thanks to all the users and beta testers who have contributed
to this release, your input has been very valuable to us.

Best Regards,
and Happy Encrypting,

Imad R. Faiad

DISCLAIMER
THIS SOFTWARE AND THE ACCOMPANYING FILES ARE DISTRIBUTED "AS IS"
AND WITHOUT WARRANTIES WHATSOEVER, EXPRESS OR IMPLIED.
SO USE IT AT YOUR OWN RISK.
-----BEGIN PGP SIGNATURE-----
Version: PGP Cyber-Knights Templar build 5.5.3ckt

iQCVAwUBNZ/xVXyxk99nTXwHAQGS8AP6AsQqkN+MosSGPljRbe5MhwrhoLvOL0IN
FajcHuFjV6WED3CvyolznvN85rGEi6aZxwlI8Oo21cWGdZ1gIaRTPrmchyZpZRSi
iag63N3jJAaUVVPAh8xhkKP5RydUspMLten5wxyG4bN/FHTCwYNiSCXfgMnYvSNw
Bu+L7ZkRhSU=
=fJvO
-----END PGP SIGNATURE-----