Generating PGP 2.6.2-compatible RSA signing keys with GnuPG

Len Sassaman rabbi at
Thu Mar 28 00:20:01 CET 2002

On Wed, 27 Mar 2002, Russ Allbery wrote:

> For the gnu.* hierarchy, we'd obviously prefer to use GnuPG for all stages
> of the process rather than using PGP (which is not free software).  I see

PGP 2.3 was GPL'd. There might be forks of that floating around somewhere
that still bear the GPL, if that will serve your purpose. (2.3 proper
won't work, because it uses v2 keys.)

> If I understand the issues correctly (and it's quite likely that I don't),
> those "version 4" notes in the packet are a bad sign for compatibility
> with PGP 2.6.2.

Yes; PGP 2.6.2 used a different key format, version 3, which had a number
of problems with it. The IETF created a new, improved key format to
address a number of these issues. OpenPGP compliant apps all use v4.

> First question:  Is this something that's supposed to be working already
> and I'm just doing something wrong?

Nope -- GnuPG has partial v3 key support, but does not generate them.

> Second question:  If this isn't already implemented, are there plans to
> implement it,

To my knowledge, there are no plans to implement it, because encouraging
the creation of more v3 keys isn't really the best thing to be doing.

> or is there some other way that I can approach this problem?

Have everyone upgrade to an OpenPGP compliant application, like GnuPG or
PGP 6.5.8/7.x

Other than your suggestion below, not really. There are some utilities out
there that will convert a v4 RSA key to a v3 key, but I don't know how
stable they are.


More information about the Gnupg-devel mailing list