PGP KeyRing (Trial Version)
by: Adam Wasserman • 33
Manage your Web of Trust!
Which key rings have you certified, and which key owners have vouched for the key rings you currently hold? What trust have you accorded to them, and what relevance does it have?
Decide for yourself.
* Create and manage key rings
* Encrypt, sign, verify, and decrypt files and text messages
* Import key rings from File, Key Server, or Bluetooth
* Export key rings to File, Key Server, Mail, or Bluetooth
* Support for HKP key servers
* Assign nicknames and trust to key owners
* Set your own policy for key validation
* Integrates seamlessly with the Squeaky Mail email client for creating and decrypting PGP inline and PGP/MIME messages
With PGP KeyRing for Android, you can easily certify and exchange key rings and continually expand your Web of Trust.
DIFFERENCES BETWEEN PAID AND TRIAL VERSION
* Only accepts up to 3 key rings, one of which may be your secret key ring
* No password cache (you'll have to enter your password each time your secret key ring is accessed)
* Unknown signature keys are not automatically looked up
* No support for OpenPGP Smartcards
* Switches to PGP KeyRing for encryption/decryption instead of accessing it "under the hood"
Many thanks to Isildo Mendes for the Portuguese translation!
PGP KeyRing conducts strict tests on the contents of the key rings you import. All assertions - user ids and email addresses, subkeys, certifications, and revocations - are thoroughly verified. Are the digital signatures backing these claims valid? If the answer is "no" for any portion of a key ring you attempt to import, it is rejected in its entirety. You can therefore be sure that any key ring accepted into PGP KeyRing was not tampered with en route to you and is perfectly genuine.
For this reason, third party certifications (for example, by your friends) will only be recognized if the certifier's public certificate has also been imported. Access to the certifier's public key the only way PGP KeyRing can be sure the certification is actually genuine.
PGP KeyRing can be used seamlessly by Squeaky Mail to send and receive encrypted messages. Squeaky Mail is based entirely on the popular, open source email client K-9 Mail.
PRIVACY: PGP KeyRing stores your private keys - encrypted using a block cipher algorithm and protected by your password - locally on the phone. They are only ever used to perform the encryption operations YOU have specified. They are NEVER transferred off the phone. (The Internet permission is used to access Key Servers and the help page.) In fact, if you try and export your private keys by Mail or Bluetooth, PGP KeyRing will only transfer your public keys. Secret keys can only be exported to FILE locally on the phone. You decide what happens from there. Similarly, PGP KeyRing does not collect metrics on how you use the app, nor does it transmit any information related to your identity.
PGPKeyRing uses the CAST5 algorithm to store secret key rings. As of version 2.2, it uses the SHA-512 algorithm for key bindings and certifications. Also, a key holder's expressed algorithm preferences are ignored. You as the sender can decide which signature and encryption algorithms to use.