As for GPG/PGP compatability... The big difference between the two packages is, PGP supports encryption algorithms with license restrictions such as RSA, while GPG does not (yet?). It uses algorithms which are at least as secure as PGP's, but which are not under patent or license protection, such as Diffie-Hellman. Recent versions of PGP can handle D-H keys, and GPG and newer versions of PGP are compatable with these keys. GPG can't encrypt and decrypt with RSA PGP keys, however.

If you're starting from scratch, and the keys don't already exist, GPG would be a great alternative, especially because "personal" versions of PGP which can be used for free (under the correct circumstances) can be used to decrypt the GPG messages even if GPG doesn't have good Mac/Windows support.

But, if you're going to be collecting foreign public keys from the Real World, where PGP has been in use for a lot longer than GPG has, you may run into problems with too many RSA keys that you can't use with GPG.

In the past, the PGP people have at times been quite aggressive in pursuing license violations (such as using a non-batch PGP license for batch processing encryption/decryptions). And, for small companies, their licensing can be quite expensive for setting up small batch processing systems (where "batch processing" pretty much means anything done by a script instead of a human). For that reason, we've been using GPG instead of PGP wherever possible. The only tricky part has been getting the customers to create Diffie-Hellman, and Not RSA keys with their personal PGP packages...

Alan

thank u for your information its beem helpful