FAQ and pgp 6+ test

Barry Treahy treahy at mmaz.com
Fri Feb 19 08:16:20 CET 1999

I just subscribed to this list... Why am I getting _THREE_ copies of each
posting?  A bit excessive, no?


Werner Koch wrote:

> Philippe Laliberte <arsphl at oeil.qc.ca> writes:
> > 1- When I read in the documentation that GnuPG is compatible with PGP5+
> > keys, am I correct in understanding that it includes PGP 6 products?
> Should work but I do not have a pgp 6 here (for Unix).
> > 2- Has GnuPG been put thru a methodic safety test? If so is there a paper
> > on the subject?
> Are you talking about general software safety (bufferoverflows and all
> such things) or about the the cryptographic security?
> The algorithms do pass the testvectors so we can assume they are
> correct.  I don't know of any testsuite for rfc2440 so we have to
> check it manually and by comparing against the other
> implementation(s).
> I hope that a lot of people have reviewed the source to make sure that
> confidential information don't leak out and that all parameters are
> choosen safely.
> > and it doesn't seems so. So I did setup a user maintained Automatic
> > FAQ for it. It is situated at http://www.oeil.qc.ca/auto_faq/gnupg/
> I'll put a link on the web page - okay?
>   Werner
> --
> ceterum censeo RSA esse delendam

More information about the Gnupg-devel mailing list