--pgp2 option

David Shaw dshaw at jabberwocky.com
Sat Nov 24 18:37:02 CET 2001


On Sat, Nov 24, 2001 at 08:58:22AM -0800, Rich Wales wrote:
> David Shaw wrote:
> 
>     > General question for the group: is it better to warn,
>     > rather than prevent the user from doing something that
>     > will blow up PGP2?
> 
> I'd prefer to see the 2048-bit key length limit removed.  Some people
> use longer RSA keys (with modified versions of PGP2 that support such
> keys), and they should not be arbitrarily prevented from using GnuPG
> (or induced to create custom-modified versions of GnuPG).

The pgp2 patch doesn't prevent a PGP 2 user from using GnuPG.  All it
does is pre-set the various options to be PGP 2-compatible, and
prevent them from generating a message that would break PGP 2.

Anyone is free to use --cipher-algo, --digest-algo, --rfc1991, etc, to
generate the same exact messages.

I do know there are around a zillion variations of "PGP 2", but a
message prepared for the baseline MIT PGP 2.6.2 will work with all of
the variations.

David

-- 
   David Shaw  |  dshaw at jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 493 bytes
Desc: not available
Url : /pipermail/attachments/20011124/8aec0c05/attachment.bin


More information about the Gnupg-devel mailing list