correction, Re: HushMail interoperability

Len Sassaman rabbi@abditum.com
Tue Sep 3 11:14:06 2002


On Tue, 3 Sep 2002, David Picón Álvarez wrote:

> > Have you read http://www.hushmail.com/about_hushmail/openpgp/ ?
>
> There's not a lot of information there. They don't tell you what key types
> they accept and so on. They don't tell you whether they accept any key
> length either. Worse, I haven't been able to use the applet to upload my
> public key and download one of my friend's public key, getting strange java
> errors in the process.

Okay, here's the deal with Hushmail and GnuPG. I've read the source for
the PGP sections of the Hushmail crypto engine. It appears from the
comments that they implemented OpenPGP based on RFC2440-bis02 (the second
revision of the working draft for the RFC that will replace 2440), and did
not see the need to implement the MDC packets that are now strongly
suggested.

Other implementations that support AES or Twofish, since they were
introduced at around the same time as the MDC packets, understand how to
decode the MDC packets (and, in the case of GnuPG, generate them when used
with AES or Twofish.)

The theory here was that any implementation that spoke AES would also
understand the MDC packets. Unfortunately, Hushmail uses AES without
having the MDC code in it. Therefore, it cannot decrypt messages encrypted
to it by GnuPG (though GnuPG can decrypt Hushmail messages, and Hushmail
can decrypt PGP messages). The immediate work-around is to disable MDC
packets when encrypting to a hushmail user with gpg. --disable-mdc (?).

The good news is that I've contacted Hush about this, and they've said
that the next version of Hushmail will be able to use the MDC packets.

Signing and sig verification all should work fine.

Did you read the fine print about what browsers and Java engines Hushmail
supports? (It works fine for me in IE with M$ Java. It did not work with
Sun's JRE 1.4 in IE, though it will apparently work in Netscape with JRE.)


Len
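
Added example, not part of the message above and not Hushmail or GnuPG code: a way to check from the outside whether an encrypted OpenPGP message carries the MDC discussed here, by reading the top-level packet tags. It assumes binary (de-armored) input and the packet framing of RFC 4880; the function names and the sample bytes are constructed for illustration.

```python
# Added example: tag numbers and header layout follow RFC 4880; names are illustrative.
SED, SEIPD = 9, 18   # tag 9 = encrypted data without MDC, tag 18 = with MDC

def _new_format_length(data, i):
    """Return (total_body_length, next_offset), following partial-length chunks."""
    total = 0
    while True:
        o = data[i]
        i += 1
        if o < 192:                                   # one-octet length
            return total + o, i + o
        if o < 224:                                   # two-octet length
            n = ((o - 192) << 8) + data[i] + 192
            return total + n, i + 1 + n
        if o == 255:                                  # four-octet length
            n = int.from_bytes(data[i:i + 4], "big")
            return total + n, i + 4 + n
        n = 1 << (o & 0x1F)                           # partial chunk, more follow
        total += n
        i += n

def packets(data):
    """Yield (tag, body_length) for each top-level packet in binary OpenPGP data."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError(f"no packet header at offset {i} (armored input?)")
        if hdr & 0x40:                                # new-format header
            n, i = _new_format_length(data, i + 1)
            yield hdr & 0x3F, n
        elif hdr & 0x03 == 3:                         # old format, runs to end of data
            yield (hdr >> 2) & 0x0F, len(data) - i - 1
            return
        else:                                         # old format, 1/2/4-octet length
            size = 1 << (hdr & 0x03)
            n = int.from_bytes(data[i + 1:i + 1 + size], "big")
            yield (hdr >> 2) & 0x0F, n
            i += 1 + size + n

def uses_mdc(data):
    """True for tag 18, False for tag 9, None if no encrypted-data packet is found."""
    for tag, _ in packets(data):
        if tag in (SED, SEIPD):
            return tag == SEIPD
    return None

# Constructed sample messages: a dummy session-key packet (tag 1), then the data packet.
WITH_MDC = bytes([0xC1, 3, 3, 0, 0, 0xD2, 5, 1, 0, 0, 0, 0])
WITHOUT_MDC = bytes([0x84, 3, 3, 0, 0, 0xA4, 4, 0, 0, 0, 0])
```

A message for which uses_mdc() returns True is in the form that an implementation without MDC support cannot decrypt.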