I have been looking into PGP and GPG lately with an eye toward supporting them in an upcoming digital signature software I am designing.  All the different versions of PGP out there is pretty confusing.  PGP developer information is pretty lame also.  PGP 8 is supposed to be released today along with source code, but broken links and delayed SDK makes its release a non-event.  GPG is apparently pretty solid but its GPL-based and installation sucks.