PGP Support Package for BlackBerry
Devices
User Guide Supplement
BlackBerry 8707h Smartphone
third-party. You are solely responsible for determining whether such third-party licenses are required and are
responsible for acquiring any such licenses relating to Third-Party Information. To the extent that such intellectual
property licenses may be required, RIM expressly recommends that you do not install or use Third-Party
Information until all such applicable licenses have been acquired by you or on your behalf. Your use of Third-Party
Information shall be governed by and subject to you agreeing to the terms of the Third-Party Information licenses.
Any Third-Party Information that is provided with RIM's products and services is provided “as is”. RIM makes no
representation, warranty or guarantee whatsoever in relation to the Third-Party Information and RIM assumes no
liability whatsoever in relation to the Third-Party Information even if RIM has been advised of the possibility of
such damages or can anticipate such damages.
Research In Motion Limited
295 Phillip Street
Waterloo, ON N2L 3W8
Canada
Research In Motion UK Limited
200 Bath Road
Slough, Berkshire SL1 3XE
United Kingdom
Published in Canada
1
2
3
4
5
6
PGP Support Package for BlackBerry devices installation.................................................................................7
PGP keys.................................................................................................................................................................... 9
Certificate servers ................................................................................................................................................... 17
PGP messages..........................................................................................................................................................19
Memory cleaning.................................................................................................................................................... 27
Legal notice.............................................................................................................................................................29
1
devices
•
Verify that you have installed and configured the
PGP Universal™ Satellite or PGP Desktop client
on your computer. Refer to the PGP
documentation to determine the correct version
for your configuration.
prerequisites
Install the PGP Support Package for BlackBerry
devices on your computer
•
•
Verify that you have obtained the installer for the
PGP Support Package for BlackBerry devices from
PGP Corporation or an authorized PGP reseller.
Install the PGP Support Package for BlackBerry
devices on your BlackBerry device
Verify that your BlackBerry Enterprise Server
supports the PGP Support Package for BlackBerry
devices.
Enroll with the PGP Universal Server
About the PGP Support Package for
BlackBerry devices
Install the PGP Support Package for
BlackBerry devices on your computer
The PGP® Support Package for BlackBerry devices is
designed to permit you to send PGP messages from—
and receive PGP messages on—your BlackBerry®
device, if you are already sending PGP messages from
and receiving PGP messages on your computer. The
PGP Support Package for BlackBerry devices supports
OpenPGP messages and, if your BlackBerry device is
integrated with an account that uses BlackBerry
Enterprise Server Version 4.1.2 or later, PGP/MIME
messages.
1. Double-click the installer for the PGP® Support
Package for BlackBerry® devices.
2. Complete the instructions on the screen.
Install the PGP Support Package for
BlackBerry devices on your
BlackBerry device
1. Connect your BlackBerry® device to your
computer.
PGP Support Package for BlackBerry
devices prerequisites
2. On the taskbar, click Start > Programs >
BlackBerry > Desktop Manager.
•
Verify that you have installed the BlackBerry®
Desktop Software on your computer. The installer
for the PGP® Support Package for BlackBerry
devices uses components from the BlackBerry
Device Software.
3. Double-click the Application Loader icon.
4. Click Next.
5. Select the BlackBerry PGP Support Package
check box.
User Guide Supplement
6. Click Next.
7. Click Finish.
Enroll with the PGP Universal Server
1. After your BlackBerry® device has completed
enterprise activation, at the prompt, click Enroll
Now.
2. Type your email address or domain login
information.
3. Click OK.
4. Click OK again.
5. To download PGP keys from the PGP Universal™
6. Type the pass phrase to decrypt your private key.
7. Click OK.
Related topic
Legal notice (See page 29.)
8
2
About PGP keys
Do not back up or restore items in the key store
About PGP key icons
Shortcuts for viewing PGP key information in the PGP
Keys screen
Download a personal PGP key from the PGP Universal
Server
PGP key troubleshooting
About PGP keys
A PGP® key might contain several cryptographic keys,
including a parent key to verify signatures and one or
more subkeys to encrypt messages. PGP keys are
generated in pairs, with a public key and a private key.
PGP key information fields
A PGP public key binds the identity and the public
cryptographic information of the PGP public key user.
A PGP public key is required to verify and encrypt
messages. PGP public keys are shared and are
accessible by both message senders and recipients.
Set a PGP key to not trusted
Send a PGP key to a contact
Set options for checking the status of a PGP key
A PGP private key is required to sign and decrypt
messages. Private key information is never publicly
available.
Use the common name when adding a PGP key to the
key store
You can generate a PGP key using the PGP Universal™
Server or PGP Desktop client. If you generate the PGP
key using the PGP Universal Server, the PGP Universal
Server signs the key to verify that the key is trusted.
Revoke a PGP key
Revocation reasons
A PGP key might also contain an X.509 certificate,
which is used to verify and encrypt Secure
Delete a PGP key
Multipurpose Internet Mail Extensions (S/MIME)
messages. If you use the PGP Universal Server and you
have installed the S/MIME Support Package for
BlackBerry devices, you can use these certificates to
send and receive S/MIME messages through the PGP
Universal Server. Certificates that you obtain from
PGP keys are stored in the key store and appear in the
Certificates screen.
About the key store
Change the key store password
Set how long your key store password is remembered
Set how frequently the revocation status is refreshed
User Guide Supplement
Related topics
Download another person’s PGP key
1. In the device options, click Security Options.
2. Click PGP keys.
About PGP key icons (See page 10.)
About digital signatures and encryption (See page 19.)
About the key store (See page 14.)
3. Click the trackwheel.
4. Click Fetch PGP Keys.
About PGP key icons
The following icons indicate the status of PGP® keys
stored on your BlackBerry® device:
5. Select a Lightweight Directory Access Protocol
(LDAP) server.
6. Type PGP® key subject information in one or more
•
•
•
•
Key: The PGP key has a corresponding private key
on your device.
of the First Name, Last Name, or Email fields.
7. Click the trackwheel.
8. Click Search.
Check mark: The PGP key is trusted, the PGP key
revocation status is good, and the PGP key is valid.
9. Click a PGP key.
Question mark: The revocation status of the PGP
10. Click Add PGP Key to Key Store.
11. Type your key store password.
12. Click OK.
not yet valid, or could not be verified.
Related topics
Notes:
A selected check box beside a PGP key indicates that
the PGP key is downloaded and stored in the key store
on your BlackBerry® device.
Check the status of a PGP key (See page 11.)
Download an updated PGP key (See page 11.)
be able to download PGP keys from an LDAP server.
Download a personal PGP key from
the PGP Universal Server
Related topics
1. In the device options, click Security Options.
About PGP keys (See page 9.)
2. Click PGP.
Set options for checking the status of a PGP key (See
page 12.)
3. Click the trackwheel.
4. Click Download Keys.
5. Type your key store password.
I cannot download another person's PGP key from an
LDAP server (See page 15.)
8. Click OK.
Find PGP key information
1. In the device options, click Security Options.
2. Click PGP keys.
Related topics
3. Click a PGP® key.
About PGP keys (See page 9.)
4. Click Details.
Send a PGP key to a contact (See page 12.)
10
2: PGP keys
Related topics
Adleman (RSA), Digital Signature Algorithm
(DSA), and Diffie-Hellman (DH) keys.
PGP key information fields (See page 11.)
•
•
Find PGP subkey information (See page 11.)
hexidecimal format.
Find PGP subkey information
1. In the device options, click Security Options.
2. Click PGP keys.
Related topics
About PGP keys (See page 9.)
Find PGP key information (See page 10.)
Find PGP subkey information (See page 11.)
5. Click View Subkey.
Check the status of a PGP key
1. In the device options, click Security Options.
2. Click PGP Keys.
Related topics
PGP key information fields (See page 11.)
Find PGP key information (See page 10.)
3. Highlight a PGP® key.
PGP key information fields
5. Click Fetch Status.
•
Revocation Status: The status of the PGP® key at
a specified date and time.
Related topics
•
Trust Status: How the PGP key is trusted.
About PGP key icons (See page 10.)
•
Explicitly Trusted: The PGP key itself is
trusted.
Download an updated PGP key (See page 11.)
•
Implicitly Trusted: A private key on your
BlackBerry® device corresponds with the PGP
key.
Download an updated PGP key
1. In the device options, click Security Options.
2. Click PGP Keys.
•
Not Trusted: The PGP key is not explicitly
trusted and does not chain to a trusted PGP
key on your device, and a chain of digital
signatures to a trusted key does not exist.
3. Highlight a PGP® key.
•
•
Creation Date: The date the key was generated.
Expiration Date: The expiration date that is set by
the PGP Universal™ Server.
Related topics
About PGP keys (See page 9.)
•
•
Email Address: The email address associated with
the key. Multiple Email Address fields might
appear.
About PGP key icons (See page 10.)
Check the status of a PGP key (See page 11.)
Public Key Type: The standard to which the public
key complies. Your device supports Rivest Shamir
11
User Guide Supplement
Related topic
Set a PGP key to trusted
1. In the device options, click Security Options.
2. Click PGP Keys.
Import a PGP key from a message (See page 20.)
Set options for checking the status of
a PGP key
1. In the device options, click Security Options.
2. Click PGP keys.
Related topics
3. Click the trackwheel.
About PGP keys (See page 9.)
4. Click Fetch PGP Keys.
About PGP key icons (See page 10.)
5. Click the trackwheel.
Set a PGP key to not trusted (See page 12.)
6. Click Options.
7. Perform one of the following actions:
Set a PGP key to not trusted
1. In the device options, click Security Options.
2. Click PGP Keys.
•
•
•
To always check the status of a PGP® key
when you add it to the key store, set the Fetch
Status field to Yes.
To be prompted to check the status of a PGP
key when you add it to the key store, set the
Fetch Status field to Prompt.
To never check the status of a PGP key when
you add it to the key store, set the Fetch
Related topics
About PGP keys (See page 9.)
Revoke a PGP key (See page 13.)
Delete a PGP key (See page 13.)
9. Click Save.
Related topics
About the key store (See page 14.)
Send a PGP key to a contact
1. In the device options, click Security Options.
2. Click PGP Keys.
Check the status of a PGP key (See page 11.)
Use the common name when adding
a PGP key to the key store
The common name is the name set for the key when it
is generated. You can use the common name as a label
for the key on your BlackBerry® device or you can set
the label to one that has more meaning to you.
3. Highlight a PGP® key.
4. Click the trackwheel.
5. Click Send via Email or Send via PIN.
Note:
When you send a PGP key, only the public key is sent
and not the private key.
1. In the device options, click Security Options.
12
2: PGP keys
2. Click PGP keys.
6. Click Yes.
3. Click the trackwheel.
4. Click Fetch PGP Keys.
5. Click the trackwheel.
6. Click Options.
7. Press the Space key to set the Reason field to the
appropriate revocation reason.
8. Click OK.
Note:
Related topics
Revocation reasons (See page 13.)
Related topics
Set a PGP key to not trusted (See page 12.)
Delete a PGP key (See page 13.)
Change the display name for a PGP key (See page 13.)
Add a contact when adding a PGP key to the key store
(See page 14.)
Revocation reasons
Change the display name for a PGP
key
•
Unknown: The reason is unspecified.
•
Superseded: A new PGP® key is replacing an
existing PGP key.
1. In the device options, click Security Options.
•
Key Compromise: A person who is not the key
subject might have discovered the private key
value.
2. Click PGP keys.
3. Highlight a PGP® key.
4. Click the trackwheel.
•
•
User ID Invalid: The user information is no longer
7. Click OK.
valid.
Related topic
Related topic
Revoke a PGP key (See page 13.)
Use the common name when adding a PGP key to the
key store (See page 12.)
Delete a PGP key
1. In the device options, click Security Options.
2. Click PGP keys.
Revoke a PGP key
1. In the device options, click Security Options.
2. Click PGP Keys.
3. Highlight a PGP® key.
4. Click the trackwheel.
5. Click Delete.
3. Highlight a PGP® key.
4. Click the trackwheel.
5. Click Revoke.
13
User Guide Supplement
Related topics
About the key store
The key store on your BlackBerry® device stores the
following items:
Revoke a PGP key (See page 13.)
Set a PGP key to not trusted (See page 12.)
•
•
Personal PGP® keys (public and private key pairs)
PGP public keys downloaded from a Lightweight
Directory Access Protocol (LDAP) server
Add a contact when adding a PGP
key to the key store
You can add new contacts from PGP® keys to your
address book automatically when you add a PGP key
to the BlackBerry® device key store.
•
•
PGP public keys imported from a message
Secure Multipurpose Internet Mail Extensions
(S/MIME) certificates downloaded from an LDAP
server
1. In the device options, click Security Options.
•
S/MIME certificates imported from a message
2. Click Key Stores.
The key store is protected by a key store password.
Your device might prompt you to set the key store
password the first time that you open the key store.
an application tries to access your private key to sign
3. Set the Key Store Address Injector field to
4. Click the trackwheel.
5. Click Save.
Related topic
About the key store (See page 14.)
Related topics
Download a personal PGP key from the PGP Universal
Server (See page 10.)
Set the service used to download PGP
keys
Download another person’s PGP key (See page 10.)
Verify that your system administrator has provided you
with the service record for the BlackBerry Mobile Data
System™ (BlackBerry MDS™) Connection Service that
your BlackBerry® device uses to download PGP® keys.
Change the key store password
1. In the device options, click Security Options.
1. In the device options, click Security Options.
2. Click Key Stores.
3. Set the Certificate Service field to the correct
service record.
Related topics
4. Click the trackwheel.
About the key store (See page 14.)
5. Click Save.
Set how long your key store password is remembered
(See page 15.)
Related topic
Download another person’s PGP key (See page 10.)
14
2: PGP keys
Set how long your key store password Do not back up or restore items in the
is remembered
After a password timeout occurs, you must type your
password to access private keys.
key store
The Allow Key Store Backup/Restore field determines
whether items in the key store are backed up or
restored when your BlackBerry® device is backed up or
restored. Although the keys are encrypted on your
computer, you might want to set this field to No if you
do not want your private key backed up to your
computer for security reasons.
1. In the device options, click Security Options.
2. Click Key Stores.
1. In the device options, click Security Options.
5. Click Save.
2. Click Key Stores.
Related topics
3. Set the Allow Key Store Backup/Restore field to
About the key store (See page 14.)
No.
Change the key store password (See page 14.)
4. Click the trackwheel.
5. Click Save.
Set how frequently the revocation
status is refreshed
When your BlackBerry® device stores a PGP® key
longer than the time limit specified in the Certificate
Status Expires field, your device should download a
new revocation status automatically the next time your
device uses the PGP key.
Related topic
About the key store (See page 14.)
Shortcuts for viewing PGP key
information in the PGP Keys screen
To view the PGP® key label, press the Space key.
To view PGP key information, press the Enter key.
1. In the device options, click Security Options.
2. Click Key Stores.
To view the security level of a private PGP key, press
3. Set the Certificate Status Expires After field to
the length of time that a revocation status can be
stored before your device considers the status to
key and S.
4. Click the trackwheel.
PGP key troubleshooting
I cannot download another person's PGP key from an
LDAP server
5. Click Save.
Related topic
Check the status of a PGP key (See page 11.)
I cannot download another person's
PGP key from an LDAP server
Try performing the following actions:
15
User Guide Supplement
•
Verify that your organization permits you to
download PGP® keys from an LDAP certificate
server. For more information, contact your system
administrator.
•
BlackBerry® device uses to connect to the LDAP
certificate server, try using the default connection
type.
Related topic
LDAP certificate server options (See page 17.)
16
3
LDAP certificate server options
Add a certificate server
•
•
•
Friendly Name: Type the common name that is
associated with the server.
LDAP certificate server options
Change certificate server information
Delete a certificate server
Server Name: Type the network address of the
server.
Base Query: Type the base query information as it
is configured in your LDAP server. Content
appears in X.509 distinguished name (DN) syntax
(for example, o=test.rim.net).
Send certificate server information to a contact
About certificate servers
Your BlackBerry® device uses Lightweight Directory
Access Protocol (LDAP) servers to search for and
•
•
•
Port: Type the port number as it is configured on
your organization’s network. The default port
number is 389.
Authentication Type: Set whether you require
authentication credentials to connect to the
server.
If you use the PGP Universal™ Server, you might not
be able to download PGP keys from an LDAP server.
device uses Secure Sockets Layer (SSL) or
Transport Layer Security (TLS) to connect to the
server.
Related topic
Add a certificate server (See page 17.)
Add a certificate server
1. In the device options, click Security Options.
2. Click Certificate Servers.
3. Click the trackwheel.
Related topic
Add a certificate server (See page 17.)
Change certificate server information
1. In the device options, click Security Options.
2. Click Certificate Servers.
3. Highlight a server.
4. Click New Server.
5. Set the Server Type field.
7. Click the trackwheel.
4. Click the trackwheel.
8. Click Save.
5. Click Edit.
Related topics
6. Edit the appropriate fields.
7. Click the trackwheel.
LDAP certificate server options (See page 17.)
8. Click Save.
Related topics
LDAP certificate server options (See page 17.)
Delete a certificate server
1. In the device options, click Security Options.
2. Click Certificate Servers.
3. Highlight a server.
5. Click Delete.
6. Click Yes.
Related topic
Change certificate server information (See page 17.)
Send certificate server information to
a contact
1. In the device options, click Security Options.
2. Click Certificate Servers.
3. Highlight a server.
5. Click Email Server or PIN Server.
Related topics
Send a PGP key to a contact (See page 12.)
Attach a PGP key to a message (See page 23.)
18
4
About digital signatures and
encryption
You can digitally sign a message to help the recipient
verify the authenticity and integrity of the message.
When you digitally sign a message using your private
key, the recipient uses your public key to verify that
you sent the message and not someone who was
pretending to be you, and that no one changed the
message before it arrived.
View an attachment in a signed message
You can encrypt a message to keep the message
confidential. When you encrypt a message, your
encrypt the message. Only the recipient’s private key
no one else read the message.
Related topics
About encryption icons (See page 19.)
Attach a PGP key to a message
About signature icons (See page 20.)
Display small status icons for PGP messages
When you open an encrypted message, a lock icon
represents the encryption status. Your system
administrator sets an IT Policy that determines
whether the encryption algorithm that the message
uses is considered to be strong or weak.
messages
Set the default message classification that you use to
send messages
•
•
Lock with a question mark: The message is
Turn off the prompt that appears when you use a PGP
key that is not recommended for use
weakly encrypted.
PGP message troubleshooting
Related topic
About signature icons (See page 20.)
User Guide Supplement
If you receive a message that uses message
classifications, your can view the abbreviated
classification in the subject line of the message and
description also appear in messages in your Sent
Items folder.
About signature icons
When you open a digitally signed message, a ribbon
icon represents the verification status of the digital
signature.
•
•
•
Ribbon with a check mark: Your BlackBerry®
device verified the digital signature.
Ribbon with an X: Your device could not verify the
digital signature.
Related topic
Digitally sign or encrypt an email message (See page
21.)
Ribbon with a question mark: Your device
requires more data to verify the digital signature.
The icon after the ribbon icon represents the status of
the sender’s PGP® key.
Download a sender’s PGP key
1. In an open PGP® message, highlight the digital
signature or trust status icon.
•
Certificate with a check mark: The sender’s PGP
key is trusted.
•
X: The sender’s PGP key cannot be found on your
device, is revoked, is not trusted, or cannot be
verified, or the sender’s email address does not
match the email address in the key.
2. Click the trackwheel.
3. Click Fetch Sender’s PGP key.
Notes:
•
•
Question mark: Your device requires more data to
status to be stale.
The Fetch Sender’s PGP key menu item appears only if
the sender’s PGP key is not included in your
BlackBerry® device key store or the sender’s message.
Clock: The sender’s PGP key has expired.
be able to download the sender’s PGP key, or your
Related topic
About encryption icons (See page 19.)
Related topics
About message classifications
Download another person’s PGP key (See page 10.)
If your BlackBerry® device is integrated with an
account that uses BlackBerry Enterprise Server
Version 4.1.2 or later and your system administrator
turns on message classifications, the BlackBerry
Enterprise Server applies a minimum set of security
actions to each message that you compose, forward, or
reply to, based on the classification that you assign to
the message. Your system administrator configures
the set of message classifications that you can use.
I cannot add a PGP key to the key store from an email
or PIN message (See page 25.)
Import a PGP key from a message
1. In an open message, highlight the digital
signature or trust status icon.
2. Click the trackwheel.
3. Click Import PGP Key.
4. Type your key store password.
20
4: PGP messages
5. Click OK.
3. Click Import Server.
6. Type a PGP® key label.
7. Click OK.
Note:
If you use the PGP Universal™ Server, you might not
Note:
Related topics
Add a certificate server (See page 17.)
Related topics
I cannot add a PGP key to the key store from an email
or PIN message (See page 25.)
Download a sender’s PGP key (See page 20.)
Download another person’s PGP key (See page 10.)
I cannot add a PGP key to the key store from an email
or PIN message (See page 25.)
Import a PGP key from an attachment
1. In an open message, click the PGP® key
Related topics
attachment icon.
Digitally sign or encrypt an email message (See page
21.)
2. Click Retrieve PGP Attachment.
3. Click the PGP key.
I cannot see all signing or encryption options (See
page 24.)
4. Click Import PGP Key.
Note:
Digitally sign or encrypt an email
If you use the PGP Universal™ Server, you might not
following actions:
Related topics
•
To apply the default encoding recommended
by the PGP Universal™ Server, set the
Encoding field to PGP Universal Default.
Download a sender’s PGP key (See page 20.)
Download another person’s PGP key (See page 10.)
•
•
•
To attach a digital signature, set the Encoding
field to Sign.
I cannot add a PGP key to the key store from an email
or PIN message (See page 25.)
To encrypt the message, set the Encoding
field to Encrypt.
Import certificate server information
from a message
To attach a digital signature and encrypt the
message, set the Encoding field to Sign and
Encrypt.
1. In an open message, highlight a PGP® server icon.
2. Click the trackwheel.
2. If required, set the Classification field.
21
User Guide Supplement
Note:
Related topics
If you set the Encoding field to indicate that the
message should be encrypted and keys are not
available for all recipients, you might be able to send
the message to the PGP Universal Server for further
processing. In this case, you have the option to click
Send to Server.
Select your default PGP key (See page 23.)
I cannot see all signing or encryption options (See
page 24.)
View an attachment in a signed
administrator has specified a minimum set of actions,
2. Click Open Attachment.
Related topic
Related topics
Import a PGP key from an attachment (See page 21.)
Select your default PGP key (See page 23.)
Select encryption algorithms for PGP messages (See
page 23.)
Search the message list
1. In a message list, click the trackwheel.
2. Click Search.
I cannot see all signing or encryption options (See
page 24.)
3. Set the search criteria.
Digitally sign or encrypt a PIN
message
In an unsent message, perform one of the following
actions:
4. Perform one of the following actions:
•
To search only plain text and signed
messages, set the Include Encrypted
Messages field to No.
•
•
•
To attach a digital signature, set the Encoding
field to Sign.
•
To search plain text, signed, and encrypted
messages, set the Include Encrypted
Messages field to Yes.
To encrypt the message, set the Encoding field to
Encrypt.
5. Click the trackwheel.
To attach a digital signature and encrypt the
message, set the Encoding field to Sign and
Encrypt.
6. Click Search.
Note:
If you set the Include Encrypted Messages field to Yes
prompt you to type your key store password before
search results appear.
Note:
To send an encrypted personal identification number
(PIN) message, the recipient must appear in your
contact list with an associated PIN and email address.
Your BlackBerry® device uses the email address in
your contact list to locate a PGP® key for the recipient.
Related topic
Set how long your key store password is remembered
(See page 15.)
22
4: PGP messages
Encrypt a PGP message with a pass
phrase
Display small status icons for PGP
messages
For conventional encryption, your BlackBerry® device
uses a pass phrase instead of your PGP® key to
encrypt the message.
1. In the device options, click Security Options.
2. Click PGP.
1. In an unsent message, set the Encoding field to
one that uses encryption.
5. Click Save.
2. Click the trackwheel.
3. Click Options.
Related topics
4. Set the Use Conventional Encryption field to Yes.
5. Click the trackwheel.
6. Click Save.
About encryption icons (See page 19.)
About signature icons (See page 20.)
7. Type your message.
Select your default PGP key
Your BlackBerry® device uses the default PGP® key to
sign messages and to encrypt messages in the Sent
folder.
8. Click the trackwheel.
9. Click Send.
10. Type a pass phrase to encrypt the message.
11. Confirm the pass phrase.
1. In the device options, click Security Options.
2. Click PGP.
5. Click Save.
Related topics
Select your default PGP key (See page 23.)
Related topic
Digitally sign or encrypt an email message (See page
21.)
Digitally sign or encrypt an email message (See page
21.)
Attach a PGP key to a message
1. In an unsent message, click the trackwheel.
2. Click Attach PGP Keys.
Select encryption algorithms for PGP
messages
If a message has multiple recipients, your BlackBerry®
device uses the first selected algorithm that all
recipients are known to support.
3. Highlight a PGP® key.
4. Click the trackwheel.
1. In the device options, click Security Options.
5. Click Continue.
2. Click PGP.
Related topic
3. Select all content ciphers that you want available
for encrypting messages.
Send a PGP key to a contact (See page 12.)
23
User Guide Supplement
Related topic
About message classifications (See page 20.)
5. Click Save.
Related topic
Turn off the prompt that appears
when you use a PGP key that is not
recommended for use
Digitally sign or encrypt an email message (See page
21.)
By default, a prompt appears when you try to send a
message using a PGP® key that is not recommended
for use (for example, a weak or expired PGP key).
Set the default security options that
you use to send messages
Your BlackBerry® device uses the default encoding for
contacts to whom you have not previously sent a
message.
1. In the device options, click Security Options.
2. Click PGP.
3. Set the Warn about problems with my PGP keys
1. In the device options, click Advanced Options.
2. Click Message Services.
4. Click the trackwheel.
field to No.
4. Click the trackwheel.
To receive a prompt again, set the Warn about
5. Click Save.
Related topic
PGP message troubleshooting
About digital signatures and encryption (See page 19.)
I cannot see all signing or encryption options
I cannot add a PGP key to the key store from an email
or PIN message
Set the default message
classification that you use to send
messages
Verify that your system administrator has set up
message classifications.
I cannot see all signing or encryption
options
Try performing one of the following actions:
Your BlackBerry® device uses the default message
classification for contacts to whom you have not
previously sent a message.
•
Verify that the current message classification
supports the signing or encryption options that
you want. Try using a different message
1. In the device options, click Advanced Options.
2. Click Message Services.
•
Verify that your message service is configured to
support all signing and encryption options.
3. Set the Default Classification field.
4. Click the trackwheel.
Related topic
5. Click Save.
About message classifications (See page 20.)
24
User Guide Supplement
26
5
About memory cleaning
2. Click Memory Cleaning.
3. Perform any of the following actions:
Set how frequently the memory cleaning application
runs
•
To clear the BlackBerry® device memory every
time you insert your device in the holster, set
the Clean When Holstered field to Yes.
Clear the device memory
View the memory cleaning icon on the Home screen
•
To clear the device memory after your device
remains idle for a specified period of time, set
the Clean When Idle field to Yes. Set the Idle
About memory cleaning
Your BlackBerry® device turns on the memory
cleaning application automatically when you turn on
content protection or when you install the S/MIME
Support Package for BlackBerry devices or the PGP®
Support Package for BlackBerry devices on your
device.
5. Click Save.
Related topics
About memory cleaning (See page 27.)
The memory cleaning application on your device is
designed to clear sensitive content from memory.
Examples of sensitive content include sensitive web
content in the browser cache, unencrypted email
content, Lightweight Directory Access Protocol (LDAP)
authentication passwords, and information from
certificate and key searches.
Clear the device memory (See page 27.)
Clear the device memory
1. In the device options, click Security Options.
2. Click Memory Cleaning.
The device memory is designed to be cleared
automatically when your device:
3. In the Registered Cleaners section, click an
application.
•
•
•
•
•
is inserted in the holster
4. Perform one of the following actions:
remains idle for a configured period of time
is synchronized with your computer
has its time or time zone changed
is locked
•
To clear sensitive content for all applications,
click Clean Now.
•
To clear sensitive content for the highlighted
application, click Clean <Application>. Click
OK.
Related topics
Set how frequently the memory
cleaning application runs
About memory cleaning (See page 27.)
1. In the device options, click Security Options.
User Guide Supplement
Set how frequently the memory cleaning application
runs (See page 27.)
View the memory cleaning icon on
the Home screen
1. In the device options, click Security Options.
2. Click Memory Cleaning.
4. Click the trackwheel.
5. Click Save.
Related topic
About memory cleaning (See page 27.)
28
6
Legal notice
©2007 Research In Motion Limited. All Rights
Reserved. The BlackBerry and RIM families of related
marks, images, and symbols are the exclusive
properties of Research In Motion Limited. RIM,
Research In Motion, BlackBerry, “Always On, Always
Connected” and the “envelope in motion” symbol are
registered with the U.S. Patent and Trademark Office
and may be pending or registered in other countries.
WARRANTIES, CONDITIONS, OR COVENANTS,
EITHER EXPRESS OR IMPLIED (INCLUDING
WITHOUT LIMITATION, ANY EXPRESS OR IMPLIED
WARRANTIES OR CONDITIONS OF FITNESS FOR A
PARTICULAR PURPOSE, NON-INFRINGEMENT,
MERCHANTABILITY, DURABILITY, TITLE, OR RELATED
TO THE PERFORMANCE OR NON-PERFORMANCE
OF ANY SOFTWARE REFERENCED HEREIN OR
PERFORMANCE OF ANY SERVICES REFERENCED
HEREIN). IN CONNECTION WITH YOUR USE OF THIS
DOCUMENTATION, NEITHER RIM NOR ITS
PGP is a registered trademark of PGP Corporation in
the United States and other countries.
All other brands, product names, company names,
trademarks and service marks are the properties of
their respective owners.
RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, OR
CONSULTANTS SHALL BE LIABLE TO YOU FOR ANY
DAMAGES WHATSOEVER BE THEY DIRECT,
The BlackBerry device and/or associated software are
protected by copyright, international treaties, and
various patents, including one or more of the following
U.S. patents: 6,278,442; 6,271,605; 6,219,694;
6,075,470; 6,073,318; D445,428; D433,460; D416,256.
Other patents are registered or pending in various
countries around the world. Visit www.rim.com/
patents for a list of RIM [as hereinafter defined]
patents.
ECONOMIC, COMMERCIAL, SPECIAL,
CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR
INDIRECT DAMAGES, EVEN IF RIM HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES,
INCLUDING WITHOUT LIMITATION, LOSS OF
BUSINESS REVENUE OR EARNINGS, LOST DATA,
DAMAGES CAUSED BY DELAYS, LOST PROFITS, OR A
FAILURE TO REALIZE EXPECTED SAVINGS.
This document might contain references to third-party
sources of information, hardware or software, products
or services and/or third-party web sites (collectively
the “Third-Party Information”). RIM does not control,
and is not responsible for, any Third-Party Information,
including, without limitation the content, accuracy,
copyright compliance, compatibility, performance,
trustworthiness, legality, decency, links, or any other
aspect of Third-Party Information. The inclusion of
Third-Party Information in this document does not
imply endorsement by RIM of the Third-Party
This document is provided “as is” and Research In
Motion Limited and its affiliated companies (“RIM”)
assume no responsibility for any typographical,
technical, or other inaccuracies in this document. In
order to protect RIM proprietary and confidential
information and/or trade secrets, this document may
describe some aspects of RIM technology in
generalized terms. RIM reserves the right to
periodically change information that is contained in
this document; however, RIM makes no commitment to
provide any such changes, updates, enhancements, or
other additions to this document to you in a timely
manner or at all. RIM MAKES NO REPRESENTATIONS,
Information or the third-party in any way. Installation
and use of Third-Party Information with RIM's
products and services may require one or more patent,
User Guide Supplement
trademark, or copyright licenses in order to avoid
infringement of the intellectual property rights of
others. Any dealings with Third-Party Information,
including, without limitation, compliance with
applicable licenses and terms and conditions, are
solely between you and the third-party. You are solely
responsible for determining whether such third-party
licenses are required and are responsible for acquiring
any such licenses relating to Third-Party Information.
To the extent that such intellectual property licenses
may be required, RIM expressly recommends that you
do not install or use Third-Party Information until all
such applicable licenses have been acquired by you or
on your behalf. Your use of Third-Party Information
shall be governed by and subject to you agreeing to
the terms of the Third-Party Information licenses. Any
Third-Party Information that is provided with RIM's
products and services is provided “as is”. RIM makes
no representation, warranty or guarantee whatsoever
in relation to the Third-Party Information and RIM
assumes no liability whatsoever in relation to the
Third-Party Information even if RIM has been advised
of the possibility of such damages or can anticipate
such damages.
30
|