Tech Note #82: Hints for Using PGP
1998 Bionic Buffalo Corporation; All Rights Reserved.
28 October 1998
2 of 4
To encrypt a document, you need the public key of the recipient. To decrypt a document
which was encrypted for you, you need your own private key.
PGP can also sign and encrypt documents at the same time.
On its web site www.tatanka.com, Bionic Buffalo maintains several links to other web sites with
PGP information. Also, any major portal or search engine can be used to find other PGP web
sites. Please use our links page, or use the search engines and portals, if you need more
Internet e-mail and web pages define a content-type for different kinds of files. By knowing the
content type of a file, a program can know how to interpret the file. The web server tells the
browser the content types of files used by the browser.
Most servers determine the content type based on the ending of the file name. For example, files
which end in .htm or .html are hypertext markup language files, and files which end in .pdf are
portable document format files. There are standard names for these types: hypertext files are
called “text/html”, and portable document format files are called “application/pdf”.
When browsers read the files from disk, they also use file name endings to determine the
content types. However, when browsers connect to a web server, they receive the type string
(such as “text/html” or “application/pdf”) directly from the server, and do not look at the file
There are three content types defined for PGP files:
“application/pgp-encrypted” files usually have names which end in .pgp or .asc
“application/pgp-keys” files usually have names which end in .skr or .pkr
“application/pgp-signature” files usually have names which end in .sig
When the web server and browser are configured properly, and when a user clicks on a PGP file
on a web page, then the browser will use the PGP software to interpret the file. However, this
usually doesn’t happen for two reasons:
Most servers do not recognize the three PGP content types listed above. When a server does
not recogize a content type, it tells the browser the content type is “application/octet-
stream”, and the browser asks the user what to do or tries to save the file to disk. To fix this,
the server must be configured to recognize PGP content types.