Today I finally verified the Microsoft Security Bulletins. I found it interesting that Microsoft uses PGP to sign the message rather than the signing builtin to Outlook. It took me awhile because PGP is almost in limbo. NAI jettisoned them and Zimmerman has been vocal that PGP should be free. PGP Corp is trying to encourage people to fork over $70 a year. All of this bantering about encouraged me to give GnuPG a try. After a little searching I settled on WinPT. I tried the Outlook plug-in from Gdata briefly but I couldn't get it to work. It kept generating an error messages about spawning tasks. WinPT was actually quite easy to use. First you have to import the key from Microsoft. Then you highlight the signed portion of the e-mail, press Ctrl-Alt-D, and wait for the popup window to tell you it is valid. Okay, this is simple enough I can use it. An added bonus is that I can use WinPT with any of the email readers I use.