Where is the "INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS section"?

Kynn Jones kynnjo at gmail.com
Thu Jul 25 22:28:08 CEST 2019


@Daniel : thanks!!!


On Thu, Jul 25, 2019 at 4:11 PM Daniel Kahn Gillmor <dkg at fifthhorseman.net>
wrote:

> On Thu 2019-07-25 14:00:08 -0400, Kynn Jones via Gnupg-users wrote:
> > The GnuPG documentation refers to an "INTEROPERABILITY WITH
> > OTHER OPENPGP PROGRAMS section", but when I search for this
> > title, I find only references to it, not the actual section.
> >
> > Does any one know where that section is?
>
> It appears to be in the info page, which (on my system) i can access
> with "info gpg" and then searching for "interoperability".  In the
> manual page (gpg(1), accessed via "man 1 gpg") the section is titled
> just "INTEROPERABILITY" (why this difference between info and man?  I
> don't know or understand!)
>
> I reproduce the current version out of info (from 2.2.17) below.
>
> Regards,
>
>         --dkg
>
> INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS
> ********************************************
>
> GnuPG tries to be a very flexible implementation of the OpenPGP
> standard.  In particular, GnuPG implements many of the optional parts of
> the standard, such as the SHA-512 hash, and the ZLIB and BZIP2
> compression algorithms.  It is important to be aware that not all
> OpenPGP programs implement these optional algorithms and that by forcing
> their use via the '--cipher-algo', '--digest-algo',
> '--cert-digest-algo', or '--compress-algo' options in GnuPG, it is
> possible to create a perfectly valid OpenPGP message, but one that
> cannot be read by the intended recipient.
>
>    There are dozens of variations of OpenPGP programs available, and
> each supports a slightly different subset of these optional algorithms.
> For example, until recently, no (unhacked) version of PGP supported the
> BLOWFISH cipher algorithm.  A message using BLOWFISH simply could not be
> read by a PGP user.  By default, GnuPG uses the standard OpenPGP
> preferences system that will always do the right thing and create
> messages that are usable by all recipients, regardless of which OpenPGP
> program they use.  Only override this safe default if you really know
> what you are doing.
>
>    If you absolutely must override the safe default, or if the
> preferences on a given key are invalid for some reason, you are far
> better off using the '--pgp6', '--pgp7', or '--pgp8' options.  These
> options are safe as they do not force any particular algorithms in
> violation of OpenPGP, but rather reduce the available algorithms to a
> "PGP-safe" list.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190725/df149d3d/attachment.html>


More information about the Gnupg-users mailing list