The PGP SDK is the cryptographic provider for all PGP products. It is a library that is distributed with our products (though it is also available for third parties to license and use). PGP Desktop (PGP WDE, PGP NetShare, PGP Desktop Email, PGP Zip, etc.), PGP Command Line, and PGP Universal all use the PGP SDK for key generation, random number generation, encryption, digital signatures, etc.
The National Institute of Standards and Technology has programs to verify that cryptographic implementations are correct (CAVP, the Cryptographic Algorithm Validation Program) and that a cryptographic module itself is secure (CMVP, the Cryptographic Module Validation Program). E.g., the CMVP requires that a module properly zeroize keys in memory when they are no longer in use. We submit the PGP SDK for algorithm testing, and for module validation. On the NIST CAVP and CMVP websites you can find our algorithm and module validation certificates.
If your module is validated under FIPS 140-2 (Federal Information Processing Standards "Security Requirements for Cryptographic Modules") a user of your module must be able to ensure that the module has not been tampered with, and that the algorithms are still working properly (e.g., that your random number generator has not gotten "stuck" and is spitting out the same number over and over). Some agencies of the government (both US and foreign) as well as contractors who work with the government (e.g. defence contractors) often need this assurance that the cryptography has been implemented correctly and that it has not been tampered with.
If you enable the checkbox, the self-tests are executed when PGP Desktop starts up.
Regards,