Few questions

Werner Koch wk at isil.d.shuttle.de
Wed Jul 22 17:12:55 CEST 1998


Markus Gruber <Markus.Gruber at ilo.baynet.de> writes:

> 1) gpg-pgp5 interoperation.
> - I generated a "DSA and ElGamal (default)" key, which is the PGP5 compatible
> one (am I right?). GPG uses this key for all actions (encrypt, encrypt-sign 

Yes, but ...

PGP Inc will not support the new algorithm identifier 20 for ElGamal
keys which may be used for signing too.  PGP 5.x is a proprietary
product so it is up to them - and now that I know the fee you have to
pay for PGP 5.x, I understand why they don't want any compatibility
with other products - we will see ;-)

The next version of GNUPG will use algorithm identifier 16 to overcome
this problem.  What you can do, is to delete your ElGamal subkey (Is it
yet possible?) and add a new one (--add-key) and select encryption
only key.

> Key ring: 'hugo.pgp'
> Type Bits KeyID      Created    Expires    Algorithm       Use
> pub  1024 0xA0643A55 1998-07-22 ---------- DSS             Sign only   <--  
> sub  1024 0xA268D25C 1998-07-22 ---------- Diffie-Hellman                 
> uid  Markus Gruber (This is me) <markus.gruber at ilo.baynet.de>

I wonder why PGP knows that this is a Diffie-Hellman key (and they
should change this to read ElGamal!).  If they don't know about
algorithm 20, tsss.  Which version is it?

> markus at poro:/opt/home/markus > pgpe -r 0xA0643A55 test
> No encryption keys found for: 0xA0643A55

Okay PGP does not know how to locate this key.

> When I sign the test file with "gpg --sign -a test", and pass it thru pgp5, I 
> 
> ---------------------------------------------------------
> markus at poro:/opt/home/markus > pgpv test.asc
> Opening file "/dev/null" type text.
> ---------------------------------------------------------

For now use "-z 0" to sign.  Two reasons:

  - PGP 5 does not know how to handle compress algorithm 2
  - Maybe it is not valid to pack all stuff in a compressed packet at
    all (I have to check this)

> Am I doing something wrong?
> How need things to be setup to get full interoperation (encrypt, encrypt-sign, 

As soon as we have preferences work it should be much easier.
You may add "--compress-algo 1" to your ~/.gnupg/options

> I hope I haven't bored you with this potentially stupid question.

No.  I need these bug reports.  Thanks.

> 2) A passphrase argument
> It would be nice, if the passphrase can be passed to gpg as a commandline 
> argument in batchmode (like pgps ... -z <passphrase>).
> I did not find the possibility yet. It would be easier then to integrate gpg
> into a mailer like exmh.

NO! Try this:

	ps -aw

and everyone can see the passphrase.

I suggest you do this: 

	echo "Secret and geheime Passphrase" | gpg --passphrase-fd 0 ...




Werner
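
The point of the reply above about command-line passphrases, as an added example that is not part of the original message: a stand-in child process (an assumption; it plays the role of gpg) receives a constructed passphrase once as an argument and once on file descriptor 0, and the code checks which of the two shows up in the argument list that ps reads.

```python
import subprocess
import sys

SECRET = "constructed-demo-passphrase"  # constructed sample value, not a real secret

# Stand-in child (assumption: plays the role of gpg). It reads one line from
# stdin, then blocks until stdin is closed, so it stays alive for inspection.
CHILD = "import sys; sys.stdin.readline(); sys.stdin.read()"


def visible_args(pid):
    """Return the argument list other local users can see for pid."""
    try:
        # Linux: the same data ps prints, NUL-separated.
        with open(f"/proc/{pid}/cmdline", "rb") as f:
            return f.read().decode(errors="replace").split("\0")
    except OSError:
        # Fallback for systems without /proc.
        out = subprocess.run(["ps", "-o", "args=", "-p", str(pid)],
                             capture_output=True, text=True).stdout
        return out.split()


def leaks(pass_on_argv):
    """Hand the passphrase over on argv or on fd 0; report if it is visible."""
    argv = [sys.executable, "-c", CHILD]
    if pass_on_argv:
        argv.append(SECRET)  # the "-z <passphrase>" style asked for
    child = subprocess.Popen(argv, stdin=subprocess.PIPE)
    try:
        if not pass_on_argv:
            # The "--passphrase-fd 0" style: the secret travels over a pipe.
            child.stdin.write(SECRET.encode() + b"\n")
            child.stdin.flush()
        return any(SECRET in arg for arg in visible_args(child.pid))
    finally:
        child.stdin.close()  # EOF lets the child exit
        child.wait()


if __name__ == "__main__":
    print("passphrase on argv visible:", leaks(True))
    print("passphrase on fd 0 visible:", leaks(False))
```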




