Home

Blackberry PGP User's Manual

1. Change the key store password Set how long your key store password is remembered Set how frequently the revocation status is refreshed Do not back up or restore items in the key store Shortcuts for viewing PGP key information in the PGP Keys screen PGP key troubleshooting About PGP keys A PGP key might contain several cryptographic keys including a parent key to verify signatures and one or more subkeys to encrypt messages PGP keys are generated in pairs with a public key and a private key A PGP public key binds the identity and the public cryptographic information of the PGP public key user A PGP public key is required to verify and encrypt messages PGP public keys are shared and are accessible by both message senders and recipients A PGP private key is required to sign and decrypt messages Private key information is never publicly available You can generate a PGP key using the PGP Universal Server or PGP Desktop client If you generate the PGP key using the PGP Universal Server the PGP Universal Server signs the key to verify that the key is trusted A PGP key might also contain an X 509 certificate which is used to verify and encrypt Secure Multipurpose Internet Mail Extensions S MIME messages If you use the PGP Universal Server and you have installed the S MIME Support Package for BlackBerry devices you can use these certificates to send and receive S MIME messages through the PGP Universal Server
2. Display small status icons for PGP messages Select your default PGP key Select encryption algorithms for PGP messages Set the default security options that you use to send messages Set the default message classification that you use to send messages Turn off the prompt that appears when you use a PGP key that is not recommended for use PGP message troubleshooting About digital signatures and encryption You can digitally sign a message to help the recipient verify the authenticity and integrity of the message When you digitally sign a message using your private key the recipient uses your public key to verify that you sent the message and not someone who was pretending to be you and that no one changed the message before it arrived You can encrypt a message to keep the message confidential When you encrypt a message your BlackBerry device uses the recipient s public key to encrypt the message Only the recipient s private key can decrypt the message and the recipient knows that no one else read the message Related topics About encryption icons See page 19 About signature icons See page 20 About encryption icons When you open an encrypted message a lock icon represents the encryption status Your system administrator sets an IT Policy that determines whether the encryption algorithm that the message uses is considered to be strong or weak e Lock The message is strongly encrypted e Lock with a ques
3. Certificates that you obtain from PGP keys are stored in the key store and appear in the Certificates screen User Guide Supplement Related topics About PGP key icons See page 10 About digital signatures and encryption See page 19 About the key store See page 14 About PGP key icons The following icons indicate the status of PGP keys stored on your BlackBerry device e Key The PGP key has a corresponding private key on your device e Check mark The PGP key is trusted the PGP key revocation status is good and the PGP key is valid e Question mark The revocation status of the PGP key is unknown or the key is weak e X The PGP key is not trusted revoked expired not yet valid or could not be verified Related topics Check the status of a PGP key See page 11 Download an updated PGP key See page 11 Download a personal PGP key from the PGP Universal Server In the device options click Security Options Click PGP Click the trackwheel Click Download Keys Type your key store password Click OK Type the pass phrase to decrypt your private key Click OK po 4 pm AWN Related topics About PGP keys See page 9 Send a PGP key to a contact See page 12 Download another person s PGP key In the device options click Security Options Click PGP keys Click the trackwheel Click Fetch PGP Keys Select a Lightweight Directory Access Protocol LDAP server 6 Type PGP key
4. REVENUE OR EARNINGS LOST DATA DAMAGES CAUSED BY DELAYS LOST PROFITS OR A FAILURE TO REALIZE EXPECTED SAVINGS This document might contain references to third party sources of information hardware or software products or services and or third party web sites collectively the Third Party Information RIM does not control and is not responsible for any Third Party Information including without limitation the content accuracy copyright compliance compatibility performance trustworthiness legality decency links or any other aspect of Third Party Information The inclusion of Third Party Information in this document does not imply endorsement by RIM of the Third Party Information or the third party in any way Installation and use of Third Party Information with RIM s products and services may require one or more patent trademark or copyright licenses in order to avoid infringement of the intellectual property rights of others Any dealings with Third Party Information including without limitation compliance with applicable licenses and terms and conditions are solely between you and the third party You are solely responsible for determining whether such third party licenses are required and are responsible for acquiring any such licenses relating to Third Party Information To the extent that such intellectual property licenses may be required RIM expressly recommends that you do not install or use Third Party Information until
5. Support Package for BlackBerry devices is designed to permit you to send PGP messages from and receive PGP messages on your BlackBerry device if you are already sending PGP messages from and receiving PGP messages on your computer The PGP Support Package for BlackBerry devices supports OpenPGP messages and if your BlackBerry device is integrated with an account that uses BlackBerry Enterprise Server Version 4 1 2 or later PGP MIME messages PGP Support Package for BlackBerry devices prerequisites e Verify that you have installed the BlackBerry Desktop Software on your computer The installer for the PGP Support Package for BlackBerry devices uses components from the BlackBerry Device Software e Verify that you have installed and configured the PGP Universal Satellite or PGP Desktop client on your computer Refer to the PGP documentation to determine the correct version for your configuration e Verify that you have obtained the installer for the PGP Support Package for BlackBerry devices from PGP Corporation or an authorized PGP reseller e Verify that your BlackBerry Enterprise Server supports the PGP Support Package for BlackBerry devices Install the PGP Support Package for BlackBerry devices on your computer 1 Double click the installer for the PGP Support Package for BlackBerry devices 2 Complete the instructions on the screen Install the PGP Support Package for BlackBerry devices on your Bl
6. all such applicable licenses have been acquired by you or on your behalf Your use of Third Party Information shall be governed by and subject to you agreeing to the terms of the Third Party Information licenses Any Third Party Information that is provided with RIM s products and services is provided as is RIM makes no representation warranty or guarantee whatsoever in relation to the Third Party Information and RIM assumes no liability whatsoever in relation to the Third Party Information even if RIM has been advised of the possibility of such damages or can anticipate such damages Research In Motion Limited Research In Motion UK Limited 295 Phillip Street 200 Bath Road Waterloo ON N2L 3W8 Slough Berkshire SL1 3XE Canada United Kingdom Published in Canada Contents 1 PGP Support Package for BlackBerry devices installation c cccsscsscssssssssssssssessessessessecsessessessessesseeseeseeseeseens 7 2 POPKEYS Renee nn an rn ser a EE 9 3 e nr 17 IT le nl Le 19 fr lee een 27 6 ett HEEN 29 PGP Support Package for BlackBerry devices installation About the PGP Support Package for BlackBerry devices PGP Support Package for BlackBerry devices prerequisites Install the PGP Support Package for BlackBerry devices on your computer Install the PGP Support Package for BlackBerry devices on your BlackBerry device Enroll with the PGP Universal Server About the PGP Support Package for BlackBerry devices The PGP
7. computer you might want to set this field to No if you do not want your private key backed up to your computer for security reasons 1 In the device options click Security Options Click Key Stores Set the Allow Key Store Backup Restore field to No 4 Click the trackwheel 5 Click Save Related topic About the key store See page 14 Shortcuts for viewing PGP key information in the PGP Keys screen To view the PGP key label press the Space key To view PGP key information press the Enter key To view the security level of a private PGP key press the Alt key and L To view the serial number for a PGP key press the Alt key and S PGP key troubleshooting cannot download another person s PGP key from an LDAP server cannot download another person s PGP key from an LDAP server Try performing the following actions User Guide Supplement Verify that your organization permits you to download PGP keys from an LDAP certificate server For more information contact your system administrator If you changed the connection type that your BlackBerry device uses to connect to the LDAP certificate server try using the default connection type Related topic LDAP certificate server options See page 17 Certificate servers About certificate servers Add a certificate server LDAP certificate server options Change certificate server information Delete a certificate server Send certificate serve
8. device corresponds with the PGP key e Not Trusted The PGP key is not explicitly trusted and does not chain to a trusted PGP key on your device and a chain of digital signatures to a trusted key does not exist e Creation Date The date the key was generated e Expiration Date The expiration date that is set by the PGP Universal Server e Email Address The email address associated with the key Multiple Email Address fields might appear e Public Key Type The standard to which the public key complies Your device supports Rivest Shamir 2 PGP keys Adleman RSA Digital Signature Algorithm DSA and Diffie Hellman DH keys e Key Usage Approved uses for the key e Fingerprint The PGP key fingerprint in hexidecimal format Related topics About PGP keys See page 9 Find PGP key information See page 10 Find PGP subkey information See page 11 Check the status of a PGP key In the device options click Security Options Click PGP Keys Highlight a PGP key Click the trackwheel Click Fetch Status um bk wn Related topics About PGP key icons See page 10 Download an updated PGP key See page 11 Download an updated PGP key In the device options click Security Options Click PGP Keys Highlight a PGP key Click the trackwheel Click Fetch Updated PGP Key um bk wn Related topics About PGP keys See page 9 About PGP key icons See page 10 Check the status of a PGP
9. key See page 11 User Guide Supplement Set a PGP key to trusted In the device options click Security Options Click PGP Keys Highlight an untrusted PGP key Click the trackwheel Click Trust aR wN Related topics About PGP keys See page 9 About PGP key icons See page 10 Set a PGP key to not trusted See page 12 Set a PGP key to not trusted In the device options click Security Options Click PGP Keys Highlight a trusted PGP key Click the trackwheel Click Distrust mb un dn Related topics About PGP keys See page 9 Revoke a PGP key See page 13 Delete a PGP key See page 13 Send a PGP key to a contact In the device options click Security Options Click PGP Keys Highlight a PGP key Click the trackwheel Click Send via Email or Send via PIN vun n Note When you send a PGP key only the public key is sent and not the private key Related topic Import a PGP key from a message See page 20 Set options for checking the status of a PGP key In the device options click Security Options Click PGP keys Click the trackwheel Click Fetch PGP Keys Click the trackwheel Click Options Perform one of the following actions NOW R WN oe e To always check the status of a PGP key when you add it to the key store set the Fetch Status field to Yes e To be prompted to check the status of a PGP key when you add it to the key store set the Fetch Status fie
10. key to set the Reason field to the appropriate revocation reason 8 Click OK Note Other options that do not apply to your support package might appear in the dialog box Related topics Revocation reasons See page 13 Set a PGP key to not trusted See page 12 Delete a PGP key See page 13 Revocation reasons e Unknown The reason is unspecified e Superseded A new PGP key is replacing an existing PGP key e Key Compromise A person who is not the key subject might have discovered the private key value e Key Retired The PGP key is no longer used e User ID Invalid The user information is no longer valid Related topic Revoke a PGP key See page 13 Delete a PGP key In the device options click Security Options Click PGP keys Highlight a PGP key Click the trackwheel Click Delete mb WN User Guide Supplement Related topics Revoke a PGP key See page 13 Set a PGP key to not trusted See page 12 Add a contact when adding a PGP key to the key store You can add new contacts from PGP keys to your address book automatically when you add a PGP key to the BlackBerry device key store 1 In the device options click Security Options Click Key Stores 3 Set the Key Store Address Injector field to Enabled Click the trackwheel Click Save Related topic About the key store See page 14 Set the service used to download PGP keys Verify that your system administra
11. patents for a list of RIM as hereinafter defined patents This document is provided as is and Research In Motion Limited and its affiliated companies RIM assume no responsibility for any typographical technical or other inaccuracies in this document In order to protect RIM proprietary and confidential information and or trade secrets this document may describe some aspects of RIM technology in generalized terms RIM reserves the right to periodically change information that is contained in this document however RIM makes no commitment to provide any such changes updates enhancements or other additions to this document to you in a timely manner or at all RIM MAKES NO REPRESENTATIONS WARRANTIES CONDITIONS OR COVENANTS EITHER EXPRESS OR IMPLIED INCLUDING WITHOUT LIMITATION ANY EXPRESS OR IMPLIED WARRANTIES OR CONDITIONS OF FITNESS FOR A PARTICULAR PURPOSE NON INFRINGEMENT MERCHANTABILITY DURABILITY TITLE OR RELATED TO THE PERFORMANCE OR NON PERFORMANCE OF ANY SOFTWARE REFERENCED HEREIN OR PERFORMANCE OF ANY SERVICES REFERENCED HEREIN IN CONNECTION WITH YOUR USE OF THIS DOCUMENTATION NEITHER RIM NOR ITS RESPECTIVE DIRECTORS OFFICERS EMPLOYEES OR CONSULTANTS SHALL BE LIABLE TO YOU FOR ANY DAMAGES WHATSOEVER BE THEY DIRECT ECONOMIC COMMERCIAL SPECIAL CONSEQUENTIAL INCIDENTAL EXEMPLARY OR INDIRECT DAMAGES EVEN IF RIM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES INCLUDING WITHOUT LIMITATION LOSS OF BUSINESS
12. subject information in one or more of the First Name Last Name or Email fields 7 Click the trackwheel 8 Click Search 9 Click a PGP key 10 Click Add PGP Key to Key Store 11 Type your key store password 12 Click OK und Notes A selected check box beside a PGP key indicates that the PGP key is downloaded and stored in the key store on your BlackBerry device If you use the PGP Universal Server you might not be able to download PGP keys from an LDAP server Related topics About PGP keys See page 9 Set options for checking the status of a PGP key See page 12 cannot download another person s PGP key from an LDAP server See page 15 Find PGP key information 1 In the device options click Security Options 2 Click PGP keys 3 Click a PGP key 4 Click Details Related topics PGP key information fields See page 11 Find PGP subkey information See page 11 Find PGP subkey information In the device options click Security Options Click PGP keys Click a PGP key Click Details Click View Subkey vun m Related topics PGP key information fields See page 11 Find PGP key information See page 10 PGP key information fields e Revocation Status The status of the PGP key at a specified date and time e Trust Status How the PGP key is trusted e Explicitly Trusted The PGP key itself is trusted e Implicitly Trusted A private key on your BlackBerry
13. you assign to the message Your system administrator configures the set of message classifications that you can use 20 If you receive a message that uses message classifications your can view the abbreviated classification in the subject line of the message and the full description of the classification in the body of the message The abbreviated classification and description also appear in messages in your Sent Items folder Related topic Digitally sign or encrypt an email message See page 21 Download a sender s PGP key 1 In an open PGP message highlight the digital signature or trust status icon 2 Click the trackwheel 3 Click Fetch Sender s PGP key Notes The Fetch Sender s PGP key menu item appears only if the sender s PGP key is not included in your BlackBerry device key store or the sender s message If you use the PGP Universal Server you might not be able to download the sender s PGP key or your device might download the sender s key from the PGP Universal Server automatically Related topics Download another person s PGP key See page 10 cannot add a PGP key to the key store from an email or PIN message See page 25 Import a PGP key from a message L In an open message highlight the digital signature or trust status icon 2 Click the trackwheel Click Import PGP Key 4 Type your key store password 5 Click OK 6 Type a PGP key label 7 Click OK Note I
14. Encoding field to Encrypt e To attach a digital signature and encrypt the message set the Encoding field to Sign and Encrypt Note To send an encrypted personal identification number PIN message the recipient must appear in your contact list with an associated PIN and email address Your BlackBerry device uses the email address in your contact list to locate a PGP key for the recipient 22 Related topics Select your default PGP key See page 23 cannot see all signing or encryption options See page 24 View an attachment in a signed message 1 In an open message click the attachment 2 Click Open Attachment Related topic Import a PGP key from an attachment See page 21 Search the message list In a message list click the trackwheel Click Search Set the search criteria Sun Perform one of the following actions e To search only plain text and signed messages Set the Include Encrypted Messages field to No e To search plain text signed and encrypted messages set the Include Encrypted Messages field to Yes 5 Click the trackwheel 6 Click Search Note If you set the Include Encrypted Messages field to Yes and the security level for your private key is set to medium or high your BlackBerry device might prompt you to type your key store password before search results appear Related topic Set how long your key store password is remembered See page 15 Encrypt
15. L D DLD I LIL D D Lo D LO n PD Fy PGP Support Package for BlackBerry Devices User Guide Supplement BlackBerry 8707h Smartphone PGP Support Package for BlackBerry Devices User Guide Supplement Last modified 28 June 2007 Document ID 12063712 001 At the time of publication this documentation is based on PGP Support Package for BlackBerry devices Version 422 Send us your comments on product documentation https www blackberry com DocsFeedback 2007 Research In Motion Limited All Rights Reserved The BlackBerry and RIM families of related marks images and symbols are the exclusive properties of Research In Motion Limited RIM Research In Motion BlackBerry Always On Always Connected and the envelope in motion symbol are registered with the U S Patent and Trademark Office and may be pending or registered in other countries PGP is a registered trademark of PGP Corporation in the United States and other countries All other brands product names company names trademarks and service marks are the properties of their respective owners The BlackBerry device and or associated software are protected by copyright international treaties and various patents including one or more of the following U S patents 6 278 442 6 271 605 6 219 694 6 075 470 6 073 318 D445 28 D433 460 D416 256 Other patents are registered or pending in various countries around the world Visit www rim com
16. NCE OF ANY SOFTWARE REFERENCED HEREIN OR PERFORMANCE OF ANY SERVICES REFERENCED HEREIN IN CONNECTION WITH YOUR USE OF THIS DOCUMENTATION NEITHER RIM NOR ITS RESPECTIVE DIRECTORS OFFICERS EMPLOYEES OR CONSULTANTS SHALL BE LIABLE TO YOU FOR ANY DAMAGES WHATSOEVER BE THEY DIRECT ECONOMIC COMMERCIAL SPECIAL CONSEQUENTIAL INCIDENTAL EXEMPLARY OR INDIRECT DAMAGES EVEN IF RIM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES INCLUDING WITHOUT LIMITATION LOSS OF BUSINESS REVENUE OR EARNINGS LOST DATA DAMAGES CAUSED BY DELAYS LOST PROFITS ORA FAILURE TO REALIZE EXPECTED SAVINGS This document might contain references to third party sources of information hardware or software products or services and or third party web sites collectively the Third Party Information RIM does not control and is not responsible for any Third Party Information including without limitation the content accuracy copyright compliance compatibility performance trustworthiness legality decency links or any other aspect of Third Party Information The inclusion of Third Party Information in this document does not imply endorsement by RIM of the Third Party Information or the third party in any way Installation and use of Third Party Information with RIM s products and services may require one or more patent User Guide Supplement trademark or copyright licenses in order to avoid infringement of the intellectual property rights o
17. a PGP message with a pass phrase For conventional encryption your BlackBerry device uses a pass phrase instead of your PGP key to encrypt the message 1 Inanunsent message set the Encoding field to one that uses encryption Click the trackwheel Click Options Click the trackwheel Click Save Type your message Click the trackwheel Click Send Type a pass phrase to encrypt the message O ONAN bk H CH 11 Confirm the pass phrase 12 Click OK Using a secure method let the recipient know what the pass phrase is Related topics Select your default PGP key See page 23 Digitally sign or encrypt an email message See page 21 Attach a PGP key to a message In an unsent message click the trackwheel Click Attach PGP Keys Highlight a PGP key Click the trackwheel Click Continue um pwn Related topic Send a PGP key to a contact See page 12 Set the Use Conventional Encryption field to Yes 4 PGP messages Display small status icons for PGP messages In the device options click Security Options Click PGP Set the Message Viewer Icons field to Small Click the trackwheel Click Save um bk wn Related topics About encryption icons See page 19 About signature icons See page 20 Select your default PGP key Your BlackBerry device uses the default PGP key to sign messages and to encrypt messages in the Sent folder 1 In the device options click Security Opt
18. ackBerry device 1 Connect your BlackBerry device to your computer 2 On the taskbar click Start gt Programs gt BlackBerry gt Desktop Manager Double click the Application Loader icon Click Next Select the BlackBerry PGP Support Package check box EN User Guide Supplement 6 7 Click Next Click Finish Enroll with the PGP Universal Server 1 6 7 After your BlackBerry device has completed enterprise activation at the prompt click Enroll Now Type your email address or domain login information Click OK Click OK again To download PGP keys from the PGP Universal Server click Yes Type the pass phrase to decrypt your private key Click OK Related topic Legal notice See page 29 PGP keys About PGP keys About PGP key icons Download a personal PGP key from the PGP Universal Server Download another person s PGP key Find PGP key information Find PGP subkey information PGP key information fields Check the status of a PGP key Download an updated PGP key Set a PGP key to trusted Set a PGP key to not trusted Send a PGP key to a contact Set options for checking the status of a PGP key Use the common name when adding a PGP key to the key store Change the display name for a PGP key Revoke a PGP key Revocation reasons Delete a PGP key Add a contact when adding a PGP key to the key store Set the service used to download PGP keys About the key store
19. certificate server information In the device options click Security Options Click Certificate Servers Highlight a server Click the trackwheel Click Edit Edit the appropriate fields Click the trackwheel NOUR WN User Guide Supplement 8 Click Save Related topics LDAP certificate server options See page 17 Delete a certificate server 1 In the device options click Security Options 2 Click Certificate Servers 3 Highlight a server 4 Click the trackwheel 5 Click Delete 6 Click Yes Related topic Change certificate server information See page 17 Send certificate server information to a contact In the device options click Security Options Click Certificate Servers Highlight a server Click the trackwheel Click Email Server or PIN Server ane un Related topics Send a PGP key to a contact See page 12 Attach a PGP key to a message See page 23 PGP messages About digital signatures and encryption About encryption icons About signature icons About message classifications Download a sender s PGP key Import a PGP key from a message Import a PGP key from an attachment Import certificate server information from a message Forward or reply to a PGP message Digitally sign or encrypt an email message Digitally sign or encrypt a PIN message View an attachment in a signed message Search the message list Encrypt a PGP message with a pass phrase Attach a PGP key to a message
20. eel AWN gt Click Change Password Related topics About the key store See page 14 Set how long your key store password is remembered See page 15 Set how long your key store password is remembered After a password timeout occurs you must type your password to access private keys In the device options click Security Options Click Key Stores Set the Private Key Password Timeout field Click the trackwheel Click Save up wn dm Related topics About the key store See page 14 Change the key store password See page 14 Set how frequently the revocation status is refreshed When your BlackBerry device stores a PGP key longer than the time limit specified in the Certificate Status Expires field your device should download a new revocation status automatically the next time your device uses the PGP key 1 In the device options click Security Options 2 Click Key Stores 3 Set the Certificate Status Expires After field to the length of time that a revocation status can be stored before your device considers the status to be stale Click the trackwheel Click Save Related topic Check the status of a PGP key See page 11 2 PGP keys Do not back up or restore items in the key store The Allow Key Store Backup Restore field determines whether items in the key store are backed up or restored when your BlackBerry device is backed up or restored Although the keys are encrypted on your
21. eel Click Save um pwn 24 Related topic About message classifications See page 20 Turn off the prompt that appears when you use a PGP key that is not recommended for use By default a prompt appears when you try to send a message using a PGP key that is not recommended for use for example a weak or expired PGP key 1 In the device options click Security Options Click PGP Set the Warn about problems with my PGP keys field to No 4 Click the trackwheel 5 Click Save To receive a prompt again set the Warn about problems with my PGP keys field to Yes PGP message troubleshooting cannot see all signing or encryption options cannot add a PGP key to the key store from an email or PIN message I cannot see all signing or encryption options Try performing one of the following actions e Verify that the current message classification supports the signing or encryption options that you want Try using a different message classification e Verify that your message service is configured to support all signing and encryption options Related topic About message classifications See page 20 cannot add a PGP key to the key store from an email or PIN message Verify with your system administrator that your configuration permits you to download PGP keys from an LDAP server 4 PGP messages 25 User Guide Supplement 26 Memory cleaning About memory cleaning Set how frequently
22. f others Any dealings with Third Party Information including without limitation compliance with applicable licenses and terms and conditions are solely between you and the third party You are solely responsible for determining whether such third party licenses are required and are responsible for acquiring any such licenses relating to Third Party Information To the extent that such intellectual property licenses may be required RIM expressly recommends that you do not install or use Third Party Information until all such applicable licenses have been acquired by you or on your behalf Your use of Third Party Information shall be governed by and subject to you agreeing to the terms of the Third Party Information licenses Any Third Party Information that is provided with RIM s products and services is provided as is RIM makes no representation warranty or guarantee whatsoever in relation to the Third Party Information and RIM assumes no liability whatsoever in relation to the Third Party Information even if RIM has been advised of the possibility of such damages or can anticipate such damages 30
23. f you use the PGP Universal Server you might not be able to import PGP keys from messages Related topics Download a sender s PGP key See page 20 Download another person s PGP key See page 10 cannot add a PGP key to the key store from an email or PIN message See page 25 Import a PGP key from an attachment 1 In an open message click the PGP key attachment icon 2 Click Retrieve PGP Attachment 3 Click the PGP key 4 Click Import PGP Key Note If you use the PGP Universal Server you might not be able to import PGP keys from message attachments Related topics Download a sender s PGP key See page 20 Download another person s PGP key See page 10 cannot add a PGP key to the key store from an email or PIN message See page 25 Import certificate server information from a message 1 In an open message highlight a PGP server icon 2 Click the trackwheel 4 PGP messages 3 Click Import Server Note If you use the PGP Universal Server you might not be able to import certificate server information from messages Related topics Add a certificate server See page 17 cannot add a PGP key to the key store from an email or PIN message See page 25 Forward or reply to a PGP message 1 In an open message click the trackwheel 2 Click Forward or Reply Related topics Digitally sign or encrypt an email message See page 21 cannot see all signing or encrypti
24. ions 2 Click PGP 3 Set the Default Key field 4 Click the trackwheel 5 Click Save Related topic Digitally sign or encrypt an email message See page 21 Select encryption algorithms for PGP messages If a message has multiple recipients your BlackBerry device uses the first selected algorithm that all recipients are known to support 1 In the device options click Security Options 2 Click PGP Select all content ciphers that you want available for encrypting messages 23 User Guide Supplement 4 Click the trackwheel 5 Click Save Related topic Digitally sign or encrypt an email message See page 21 Set the default security options that you use to send messages Your BlackBerry device uses the default encoding for contacts to whom you have not previously sent a message In the device options click Advanced Options Click Message Services Set the Default Encoding field Click the trackwheel Click Save ae DH Related topic About digital signatures and encryption See page 19 Set the default message classification that you use to send messages Verify that your system administrator has set up message Classifications Your BlackBerry device uses the default message classification for contacts to whom you have not previously sent a message In the device options click Advanced Options Click Message Services Set the Default Classification field Click the trackwh
25. ld to Prompt e To never check the status of a PGP key when you add it to the key store set the Fetch Status field to No 8 Click the trackwheel 9 Click Save Related topics About the key store See page 14 Check the status of a PGP key See page 11 Use the common name when adding a PGP key to the key store The common name is the name set for the key when it is generated You can use the common name as a label for the key on your BlackBerry device or you can set the label to one that has more meaning to you 1 In the device options click Security Options Click PGP keys Click the trackwheel Click Fetch PGP Keys Click the trackwheel Click Options Set the Prompt for Label field to Yes Click the trackwheel Click Save O ONAN bk H Related topics Change the display name for a PGP key See page 13 Add a contact when adding a PGP key to the key store See page 14 Change the display name for a PGP key 1 In the device options click Security Options 2 Click PGP keys 3 Highlight a PGP key 4 Click the trackwheel 5 Click Change Label 6 Type a new PGP key label 7 Click OK Related topic Use the common name when adding a PGP key to the key store See page 12 Revoke a PGP key In the device options click Security Options Click PGP Keys Highlight a PGP key Click the trackwheel Click Revoke um Fb ba H 2 PGP keys 6 Click Yes 7 Press the Space
26. on options See page 24 Digitally sign or encrypt an email message 1 Inanunsent message perform one of the following actions e To apply the default encoding recommended by the PGP Universal Server set the Encoding field to PGP Universal Default e To attach a digital signature set the Encoding field to Sign e To encrypt the message set the Encoding field to Encrypt e To attach a digital signature and encrypt the message set the Encoding field to Sign and Encrypt 2 If required set the Classification field 21 User Guide Supplement Note If you set the Encoding field to indicate that the message should be encrypted and keys are not available for all recipients you might be able to send the message to the PGP Universal Server for further processing In this case you have the option to click Send to Server If you use the PGP Universal Server and your system administrator has specified a minimum set of actions the PGP Universal Server might encrypt or sign your message even if you did not select these actions Related topics Select your default PGP key See page 23 Select encryption algorithms for PGP messages See page 23 cannot see all signing or encryption options See page 24 Digitally sign or encrypt a PIN message In an unsent message perform one of the following actions e To attach a digital signature set the Encoding field to Sign e To encrypt the message set the
27. r information to a contact About certificate servers Your BlackBerry device uses Lightweight Directory Access Protocol LDAP servers to search for and download PGP keys If you use the PGP Universal Server you might not be able to download PGP keys from an LDAP server Related topic Add a certificate server See page 17 Add a certificate server 1 In the device options click Security Options 2 Click Certificate Servers 3 Click the trackwheel 4 Click New Server 5 Set the Server Type field 6 Type the appropriate information for the server 7 Click the trackwheel 8 Click Save Related topics LDAP certificate server options See page 17 LDAP certificate server options e Friendly Name Type the common name that is associated with the server e Server Name Type the network address of the server e Base Query Type the base query information as it is configured in your LDAP server Content appears in X 509 distinguished name DN syntax for example o test rim net e Port Type the port number as it is configured on your organization s network The default port number is 389 e Authentication Type Set whether you require authentication credentials to connect to the server e Connection Type Set whether your BlackBerry device uses Secure Sockets Layer SSL or Transport Layer Security TLS to connect to the server Related topic Add a certificate server See page 17 Change
28. s product names company names trademarks and service marks are the properties of their respective owners The BlackBerry device and or associated software are protected by copyright international treaties and various patents including one or more of the following U S patents 6 278 442 6 271 605 6 219 694 6 075 470 6 073 318 D445 428 D433 460 D416 256 Other patents are registered or pending in various countries around the world Visit www rim com patents for a list of RIM as hereinafter defined patents This document is provided as is and Research In Motion Limited and its affiliated companies RIM assume no responsibility for any typographical technical or other inaccuracies in this document In order to protect RIM proprietary and confidential information and or trade secrets this document may describe some aspects of RIM technology in generalized terms RIM reserves the right to periodically change information that is contained in this document however RIM makes no commitment to provide any such changes updates enhancements or other additions to this document to you in a timely manner or at all RIM MAKES NO REPRESENTATIONS WARRANTIES CONDITIONS OR COVENANTS EITHER EXPRESS OR IMPLIED INCLUDING WITHOUT LIMITATION ANY EXPRESS OR IMPLIED WARRANTIES OR CONDITIONS OF FITNESS FORA PARTICULAR PURPOSE NON INFRINGEMENT MERCHANTABILITY DURABILITY TITLE OR RELATED TO THE PERFORMANCE OR NON PERFORMA
29. the memory cleaning application runs Clear the device memory View the memory cleaning icon on the Home screen About memory cleaning Your BlackBerry device turns on the memory cleaning application automatically when you turn on content protection or when you install the S MIME Support Package for BlackBerry devices or the PGP Support Package for BlackBerry devices on your device The memory cleaning application on your device is designed to clear sensitive content from memory Examples of sensitive content include sensitive web content in the browser cache unencrypted email content Lightweight Directory Access Protocol LDAP authentication passwords and information from certificate and key searches The device memory is designed to be cleared automatically when your device e is inserted in the holster e remains idle for a configured period of time e is synchronized with your computer e has its time or time zone changed e is locked Set how frequently the memory cleaning application runs 1 In the device options click Security Options 2 Click Memory Cleaning 3 Perform any of the following actions e Toclear the BlackBerry device memory every time you insert your device in the holster set the Clean When Holstered field to Yes e To clear the device memory after your device remains idle for a specified period of time set the Clean When Idle field to Yes Set the Idle Timeout field A Click the track
30. tion mark The message is weakly encrypted Related topic About signature icons See page 20 User Guide Supplement About signature icons When you open a digitally signed message a ribbon icon represents the verification status of the digital signature e Ribbon with a check mark Your BlackBerry device verified the digital signature e Ribbon with an X Your device could not verify the digital signature e Ribbon with a question mark Your device requires more data to verify the digital signature The icon after the ribbon icon represents the status of the sender s PGP key e Certificate with a check mark The sender s PGP key is trusted e X The sender s PGP key cannot be found on your device is revoked is not trusted or cannot be verified or the sender s email address does not match the email address in the key e Question mark Your device requires more data to verify the trust status or it considers the key status to be stale e Clock The sender s PGP key has expired Related topic About encryption icons See page 19 About message classifications If your BlackBerry device is integrated with an account that uses BlackBerry Enterprise Server Version 4 1 2 or later and your system administrator turns on message Classifications the BlackBerry Enterprise Server applies a minimum set of security actions to each message that you compose forward or reply to based on the classification that
31. tor has provided you with the service record for the BlackBerry Mobile Data System BlackBerry MDS Connection Service that your BlackBerry device uses to download PGP keys 1 In the device options click Security Options 2 Click Key Stores 3 Set the Certificate Service field to the correct service record Click the trackwheel Click Save Related topic Download another person s PGP key See page 10 About the key store The key store on your BlackBerry device stores the following items e Personal PGP keys public and private key pairs e PGP public keys downloaded from a Lightweight Directory Access Protocol LDAP server e PGP public keys imported from a message e Secure Multipurpose Internet Mail Extensions S MIME certificates downloaded from an LDAP server e S MIME certificates imported from a message The key store is protected by a key store password Your device might prompt you to set the key store password the first time that you open the key store You might need to type this password when adding items to or deleting items from the key store or when an application tries to access your private key to sign or decrypt a message Related topics Download a personal PGP key from the PGP Universal Server See page 10 Download another person s PGP key See page 10 Change the key store password In the device options click Security Options Click Key Stores Click the trackwh
32. wheel 5 Click Save Related topics About memory cleaning See page 27 Clear the device memory See page 27 Clear the device memory 1 In the device options click Security Options 2 Click Memory Cleaning 3 Inthe Registered Cleaners section click an application 4 Perform one of the following actions e To clear sensitive content for all applications click Clean Now e To clear sensitive content for the highlighted application click Clean lt Application gt Click OK Related topics About memory cleaning See page 27 User Guide Supplement Set how frequently the memory cleaning application runs See page 27 View the memory cleaning icon on the Home screen In the device options click Security Options Click Memory Cleaning Set the Show Icon on Home Screen field to Yes Click the trackwheel Click Save mb wn Related topic About memory cleaning See page 27 28 Legal notice 2007 Research In Motion Limited All Rights Reserved The BlackBerry and RIM families of related marks images and symbols are the exclusive properties of Research In Motion Limited RIM Research In Motion BlackBerry Always On Always Connected and the envelope in motion symbol are registered with the U S Patent and Trademark Office and may be pending or registered in other countries PGP is a registered trademark of PGP Corporation in the United States and other countries All other brand

Blackberry PGP User's Manual

Contents

Download Pdf Manuals

Related Search

Related Contents