Another Lost Newbie

Kirk Fort kfort at kfort.dyn.ml.org
Fri Sep 25 15:01:14 CEST 1998


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Fri, 25 Sep 1998, John A. Martin wrote:

> Kirk Fort gave such a nice informative and gentle answer to the last
> Newbie question that I am encouraged to ask several more.
Thanks

> In what ways is gpg inter-operable with pgp2 and pgp5?  In what ways
> is it not?

Alot of the compatibility between pgp and gpg relies on the use of the gpg
loadable extension modules.  pgp2 generated, and pgp5 uses keys that use
patented algorithms such as RSA and IDEA.  The use of RSA keys and IDEA
encryption is generally frowned upon today, but many such keys are already
in circulation.  gpg is not able to include these algorithms into the main
distribution because they are patented, their legal use it limited, and
gpg and released under the gnu license.  However, gpg can be made to work
with rsa and idea by downloading the modules from the gpg ftp site.  They
are called 'rsa.c' and 'idea.c'.  I believe they may be in the 'old'
directory.  Compile these files like it says in the source, and put them
in your module directory and you can load them.  I have not been able to
experiment with loadable modules, as I use freeBSD 2.2.7 and currently the
the way gpg handles the modules depends on the elf file format.  I see
that you use linux, so this should not be any trouble for you.  freeBSD
3.0, which will be released early in october, will be elf.  I believe that
werner or someone else has supporting a more general module loading
technique on the todo list, so that users of openBSD, netBSD, (windows?),
can use the extensions.  There is more information on loadable modules on
the man page.

> What are the problems, limitations, and utility of placing pgp2 and
> pgp5 public keys on a gpg keyring?
Works, but if you try to import rsa keys and do not have the rsa module
loaded it will error.

> Are gpg public keys useful to users of pgp2 and pgp5?
yes

> What are the problems and what is the utility of placing pgp2 and pgp5
> secret keys on a gpg secret-key ring?
I do not believe there are any problems. I was able to import my sister's
pgp 5.5i key (dsa I believe) onto my secret key ring.

> Are gpg secret keys useful on a pgp5 secret-key ring.
I was not able to import my dsa secret key onto the pgp 5.5i keyring.

> How would one share a gpg secret key for a "role account" among users
> of gpg, and users of pgp2 or pgp5 (or only with users of pgp2) where
> the public key must be useful for signature verification by the same
> means that pgp2 and pgp5 signatures are verified.  In other words can
> a gpg key be used for authentication of a role contact at
> InterNIC.net.  (<hostmaster at InterNIC.net> has not been forthcoming in
> answer to this question.  The InterNIC only needs to verify signatures
> on transaction requests as they do for pgp2 and pgp5 signatures.)

I do not know what this means, but you can verify signatures if you have
the public key successfully imported.

Hope this helps.

I have a quick question of my own for anyone that sees this.  Is there a
good way to verify attached signatures?  I use pine.  Is there a way to
export a msg to a file without getting the headers too? Thanks.

Kirk Fort

-----BEGIN PGP SIGNATURE-----
Version: GNUPG v0.4.0 (FreeBSD)
Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/

iEYEARECAAYFAjYL2m0ACgkQf+niZZlBRVN95QCfQGvwW0jZLpMfrIVSC5M/9HT1//4An0Hn
8jO7ixwJLHBkUXktyZwf3WwN
=1cw3
-----END PGP SIGNATURE-----





More information about the Gnupg-devel mailing list