PGP CAPS Activation Package provides support of CESG (Communications-Electronics Security Group) "Baseline" certification, this allows PGP Whole Disk Encryption to be used for information classified up to "Level 3" restricted.
|Note: This article applies to PGP CAPS Activation Package for PGP Whole Disk Encryption running on Windows XP and Windows Vista. The PGP CAPS Activation Package for PGP Whole Disk Encryption is available in PGP Desktop 9.9.|
To activate PGP CAPS Activation Package on the user's system
- Once the user has enrolled, the security administrator inserts PGP CAPS Activation Package (on compact disc or USB drive).
- From the command line, run the program located on the disc or USB drive:
pgpwde --secure --disk 0 -u user -p pass --cesg-key-file aes32.dat --dak-index 6 --session-key-index 7
where user is the user's name (on the system being encrypted), pass is the user's password, aes3.dat is the CAPS key file name, and 7 is the key index.
This program locates the CESG key, obtains this key, and then inserts the key into the PGP Desktop installation.
Note: Do not copy the files in the PGP CAPS Activation Package to the user's system. Run the program directly from the media on which the files are located.
- Once the key has been located and inserted, the script then initiates the system disk encryption.
- As soon as encryption begins, verify that no errors have been received. If encryption has begun, the security administrator can then exit the command line and eject the disc or USB drive containing the PGP CAPS Activation Package.
Tip: PGP Corporation recommends that the administrator activating PGP CAPS Activation Package use a "generic" password. The user should then start PGP Desktop and change the password. For information on how to change the user's passphrase, see "Changing User Passphrases" in the PGP Desktop for Windows User's Guide or online help.