Ugly question

Werner Koch wk at
Mon Jan 25 21:32:04 CET 1999

"John A. Martin" <jam at> writes:

> Does a gpg user, or any user, know whether a pgp5+ public key
> corresponds to a private key that is subject to GAK/CAK.  If these

If you are talking about forced encryption to another parts - that is 
possible with gpg too:  add some recipient lines into the options file
and you have it; but sure you can disable it by using another option
file - anyway if you don't trust your sysadmin you should not use an
encryption program on such a system.

> properties are unknowable then should gpg give a warning when it sees
> a key that does not look like it is rfc2440 compliant?

rfc2440 does not specifify such thinks (actually they have been
removed from a very early draft)

> Will rfc2440 (sec split-key and group-key flags permit an

These attributes are not yet specified (I know that pgp 6 uses them).
and split keys really make sense.

> private key?  How do we know whether the key flags can be trusted?

by reading the source.

GnuPG provides the full source and you can add or remove everything
you like or don't like.  Semi-automatically encryption to another
reciepient really makes sense in some cases but it should never happen
in disguise.



More information about the Gnupg-devel mailing list