interoperability with pgp

J Horacio MG Horacio <homega@ciberia.es>
Sat, 2 Oct 1999 16:28:35 +0200


El sáb, 02 de oct de 1999, a las 08:32:56 +0000, Graham Murray dijo:

>
> > GnuPG doesn't use the RSA and IDEA algorithms. So you can't use a key
> > which is generated from PGP 2.x (PGP 2.x only knows RSA- and IDEA
> > keys). PGP 2.x can't use a key from GnuPG, because PGP 2.x doesn't
> > knows the algorithms (in this case DSA/EG).
>
> Though it is possible to add support for RSA and IDEA by compiling
> them as modules and using load-extension. Which means that you can
> communicate with PGP 2.x users.
Hold on... we're just going round and round this issue, and the answers are always the same: ``install rsa.c and idea.c modules, and *you'll be able to communicate with pgp2 users*'' !!! Well, this is not quite so. You will, indeed, be able to decrypt pgp2 enciphered messages, plus verify pgp2 signatures, plus... But, ¿does this mean a pgp2 user will be able to decrypt (or verify) a GnuPG encrypted (signed) message? ... If the data treated with DSA/EG keys, it sounds obvious that pgp2 will be unable to deal with it ... ¿or? well, or you might encrypt (sign) the message with GnuPG, but using an RSA key and IDEA for encryption... but this means you ALREADY HAVE A RSA KEY, which you previously generated with pgp2, since GnuPG, for all I know, WILL NOT GENERATE RSA keys regardless the rsa.c and idea.c modules. This is not just a GnuPG-pgp2 issue, it's also a pgp5-2 issue, since most >pgp5 versions don't use RSA. Ok, so I might be wrong somewhere along the line; please, tell me if and where. On a parallel issue... time to talk about the documentation (please, don't flame me for this): (oh, oh, I feel this should be discussed on a differente thread ... bye for now) Regards, -- Horacio mailto:homega@ciberia.es ~ Spain ~Spanje ~ Spanien