This article describes how email is encrypted from the handheld with the PGP Support Package for BlackBerry. This article refers to users running BlackBerry Device Software 4.1 or higher with a PGP Universal Server in their network.
By default, when you send a message with your BlackBerry, it will check the PGP Universal Server to see which policy should be applied. The PGP Universal Server will check the policy settings for the recipient and do a key lookup if required. It will then pass the information to the Handheld where the message will be encrypted and/or signed or sent in the clear according to the policy. In other words, encryption happens automatically without a need for user intervention.
When you compose a message, the Send Using field defaults to the PGP Universal Server policy which the handheld is enrolled with. You can only override that policy with one that enforces stronger security. In other words, if your PGP Universal Server is configured to send a message to a certain recipient in the clear, you can select Send Using: Sign and Encrypt (depending on the setup of the BES) and it will override the PGP Universal policy of sending in the clear.
However, if the PGP Universal policy was to encrypt and sign, then it is not possible to override that security setting and send in the clear. The stronger of the two policies is always enforced.
Manually encrypt and sign a message
- From Messages click the track wheel and select Compose Message.
- Scroll up to the Send Using field.
- Click the track wheel and select Change Option.
- Scroll to Desktop: PGP[Sign and Encrypt] and click the track wheel. The options available here will depend on the setup of the BlackBerry Enterprise Server
- Compose and send your message.
|Note: If you manually select encrypt and a key is not located on your device or the PGP Universal Server cannot locate a key for the recipient, you will be prompted with the following options: