Policy Reference Guide

Local Navigation

PGP Application policy group

The IT policy rules in the PGP Application policy group apply to BlackBerry® devices running the PGP® Support Package for BlackBerry® smartphones. For more information about using the PGP Support Package for BlackBerry smartphones, see the PGP Support Package for BlackBerry Devices Security Technical Overview.

PGP Allowed Content Ciphers IT policy rule

Description

This rule specifies the encryption algorithms that a BlackBerry® device can use to encrypt PGP® protected messages. To maintain compatibility with most PGP clients, use Triple DES encryption and CAST. By default, a device is designed to encrypt email messages using Triple DES encryption if it does not know the decryption capabilities available to a recipient.

Possible values

  • AES (256-bit)
  • AES (192-bit)
  • AES (128-bit)
  • CAST (128-bit)
  • Triple DES

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Allowed Encrypted Attachment Mode IT policy rule

Description

This rule specifies the mode for retrieving PGP® protected attachment information on a BlackBerry® device.

Possible values

  • None
  • Manual
  • Automatic

Default value

  • Automatic

Minimum requirements

  • BlackBerry® Device Software 4.5

Rule introduction

  • BlackBerry® Enterprise Server 4.1 SP5

PGP Allowed Encryption Types IT policy rule

Description

This rule specifies the types of encryption that a BlackBerry® device can use for PGP® protected messages.

Possible values

  • PGP key-based only
  • Conventional only
  • Both

Default value

  • Both

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.0
  • BlackBerry® Device Software 4.6

Rule introduction

  • BlackBerry® Enterprise Server 4.1 SP6

PGP Blind Copy Address IT policy rule

Description

This rule specifies an email address that is added as a BCC recipient to all encrypted PGP® messages that a BlackBerry® device sends.

Default value

  • Null value

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Force Digital Signature IT policy rule

Description

This rule specifies whether a BlackBerry® device digitally signs all PGP® protected messages that it sends. If you apply this rule, you might override email policy settings on the PGP® Universal Server.

Possible values

  • Yes
  • No

Default value

  • No

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Force Encrypted Messages IT policy rule

Description

This rule specifies whether a BlackBerry® device encrypts all PGP® protected messages that it sends. If you apply this rule, you might override email policy settings on the PGP® Universal Server.

Possible values

  • Yes
  • No

Default value

  • No

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Minimum Strong DH Key Length IT policy rule

Description

This rule specifies the minimum Diffie-Hellman key size to use with PGP® protected messages.

Related rules

This rule affects the Disable Weak Certificate Use IT policy rule. Configure the Disable Weak Certificate Use IT policy rule to Yes to prevent a BlackBerry® device user from sending email messages using certificates that have corresponding weak public keys.

Possible values

  • 512 to 4096 bits

Default value

  • 1024 bits

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Minimum Strong DSA Key Length IT policy rule

Description

This rule specifies the minimum DSA key size to use with PGP® protected messages. The permitted range is 512 through 1024 bits.

Related rules

This rule affects the Disable Weak Certificate Use IT policy rule. Configure the Disable Weak Certificate Use IT policy rule to Yes to prevent a BlackBerry® device user from sending email messages using certificates that have corresponding weak public keys.

Possible values

  • 512 to 1024 bits

Default value

  • 1024 bits

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Minimum Strong RSA Key Length IT policy rule

Description

This rule specifies the minimum RSA® key size to use with PGP® protected messages.

Related rules

This rule affects the Disable Weak Certificate Use IT policy rule. Configure the Disable Weak Certificate Use IT policy rule to Yes to prevent BlackBerry® device users from sending email messages using certificates that have corresponding weak public keys.

Possible values

  • 512 to 4096 bits

Default value

  • 1024 bits

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP More All and Send Mode IT policy rule

Description

This rule specifies the mode that a BlackBerry® device uses to retrieve the complete text of an email message when a BlackBerry device user replies to or forwards an email message.

Possible values

  • Automatic
  • Manual
  • None

Default value

  • Manual

Minimum requirements

  • BlackBerry® Device Software 5.0

Rule introduction

  • BlackBerry® Enterprise Server 5.0 SP1

PGP Universal Enrollment Method IT policy rule

Description

This rule specifies the method that a BlackBerry® device user must use to enroll with the PGP® Universal Server on a BlackBerry device. The user must submit the enrollment information to the PGP Universal Server before the user sends and receives PGP protected messages on the device.

Possible values

  • Domain username/password enrollment
  • Email-based enrolment

Default value

  • Email-based enrollment

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Universal Policy Cache Timeout IT policy rule

Description

This rule specifies the length of time that a BlackBerry® device caches the PGP® Universal Server address.

Possible values

  • 4 to 48 hours

Default value

  • 24 hours

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP® Support Package for BlackBerry® smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2

PGP Universal Server Address IT policy rule

Description

This rule specifies the address of your organization's PGP® Universal Server. The PGP Universal Server applies email policies that the PGP Universal Server administrator configures. Configure this rule to require that the BlackBerry® device user registers with the PGP Universal Server. A BlackBerry device that is registered with the PGP® Support Package for BlackBerry® smartphones enforces compliance with the email policies for all email messages.

Default value

  • Null value

Exceptions

  • BlackBerry® Enterprise Server for Novell® GroupWise®

Minimum requirements

  • PGP Support Package for BlackBerry smartphones 4.1
  • BlackBerry® Device Software 4.1

Rule introduction

  • BlackBerry® Enterprise Server 4.0 SP2
Next topic: Phone policy group

Was this information helpful? Send us your comments.