PGP 5.x and GnuPG
L. Sassaman
rabbi@quickie.net
Thu, 16 Mar 2000 21:48:53 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 17 Mar 2000 sen_ml@eccosys.com wrote:
>
> trevor> OK, next question: what the heck is a v3 key? And a v4 key (referred
> trevor> to later in your reply)?
>
> if what is being referred to is key material packets, see sections 5.5.2 of
> rfc 2440:
>
> There are two versions of key-material packets. Version 3 packets
> were first generated by PGP 2.6. Version 2 packets are identical in
> format to Version 3 packets, but are generated by PGP 2.5 or before.
> V2 packets are deprecated and they MUST NOT be generated. PGP 5.0
> introduced version 4 packets, with new fields and semantics. PGP
> 2.6.x will not accept key-material packets with versions greater than
> 3.
>
> OpenPGP implementations SHOULD create keys with version 4 format. An
> implementation MAY generate a V3 key to ensure interoperability with
> old software; note, however, that V4 keys correct some security
> deficiencies in V3 keys. These deficiencies are described below. An
> implementation MUST NOT create a V3 key with a public key algorithm
> other than RSA.
>
> more details as to exactly what is the case for v3 and v4 key material
> packets are available in the rfc.
Ok, the deal with PGP5 and v4 signatures is that PGP5 only handles v4
signatures on keys, while OpenPGP programs should handle them on messages
as well.
- --Len.
__
L. Sassaman
System Administrator | "All of the chaos
Technology Consultant | Makes perfect sense..."
icq.. 10735603 |
pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1c (GNU/Linux)
Comment: OpenPGP Encrypted Email Preferred.
iD8DBQE40cdPPYrxsgmsCmoRAkDgAKDuS2cmP07cxcu2oqwBdUtU+PaqVACgoB16
rnqOIlTwDW5BomrxSxeKmEw=
=LmKD
-----END PGP SIGNATURE-----