I have been looking into PGP and GPG lately with an eye toward supporting them in an upcoming digital signature software I am designing. All the different versions of PGP out there is pretty confusing. PGP developer information is pretty lame also. PGP 8 is supposed to be released today along with source code, but broken links and delayed SDK makes its release a non-event. GPG is apparently pretty solid but its GPL-based and installation sucks.