GnuPG and PGP 5.0 compatibility problem

Robert J. Hansen rjh at sixdemonbag.org
Tue Jul 17 19:11:51 CEST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Stefan wrote:
> But that doesn´t mean PGP 5 is insecure in any way, it´s just outdated
> and not RFC2440 conform, right?

GnuPG is an RFC2440-conformant application.

PGP 5.0 is not RFC2440-conformant.  It far predates RFC2440.  The two
applications do not work together well.

That's not to say they can't be finessed into working together.  They
clearly can be.  However, I would not trust my financial data to a
communications system that was built of parts that did not interoperate
well.

That said, your security model is your own lookout.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)

iQEcBAEBCgAGBQJGnPhXAAoJELcA9IL+r4EJPYEH/i689ewuA+F3lnGomQULd0/z
UO+tM/Cpxkvdpbo8Pmx3dz4HznjobVZajEicuT0MRSbGtgWBNB0lDm7rN6mwPFl1
QHDBZlYSGjTu6wSc0f/G2j8wGHzWjJWKIUlknfENd3KAsNBiQ6gebVDdyUY4WGf5
ZfnOkM6YYfzRicVHGG6uNrGrFJ0dUSQ2YBrblYgxeBOCI3IsuGvrND3rG8CjNzvK
llXgA4j8Hy9DG5u+DoU5lMxJP5oSUfeHO+81lbAchhz0dijY9HgeY0EG25vR75OB
anopJrc3byST4c2csPC7z2K/tKEM0355VaMqRUYg4c2N/7d2+3YWTxKpJHFH9Bw=
=VSvJ
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list