FAQ and pgp 6+ test
treahy at mmaz.com
Fri Feb 19 08:16:20 CET 1999
I just subscribed to this list... Why am I getting _THREE_ copies of each
posting? A bit excessive, no?
Werner Koch wrote:
> Philippe Laliberte <arsphl at oeil.qc.ca> writes:
> > 1- When I read in the documentation that GnuPG is compatible with PGP5+
> > keys, am I correct in understanding that it includes PGP 6 products?
> Should work but I do not have a pgp 6 here (for Unix).
> > 2- Has GnuPG been put thru a methodic safety test? If so is there a paper
> > on the subject?
> Are you talking about general software safety (bufferoverflows and all
> such things) or about the the cryptographic security?
> The algorithms do pass the testvectors so we can assume they are
> correct. I don't know of any testsuite for rfc2440 so we have to
> check it manually and by comparing against the other
> I hope that a lot of people have reviewed the source to make sure that
> confidential information don't leak out and that all parameters are
> choosen safely.
> > and it doesn't seems so. So I did setup a user maintained Automatic
> > FAQ for it. It is situated at http://www.oeil.qc.ca/auto_faq/gnupg/
> I'll put a link on the web page - okay?
> ceterum censeo RSA esse delendam
More information about the Gnupg-devel