Generating PGP 2.6.2-compatible RSA signing keys with GnuPG
disastry at saiknes.lv
disastry at saiknes.lv
Thu Mar 28 13:14:01 CET 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Russ Allbery rra at stanford.edu wrote:
> If I understand the issues correctly (and it's quite likely that I don't),
> those "version 4" notes in the packet are a bad sign for compatibility
> with PGP 2.6.2.
yes
> First question: Is this something that's supposed to be working already
> and I'm just doing something wrong?
no,
but it's very easy to patch gpg so that it can generate RSAv3 keys
patch available here:
http://disastry.dhs.org/pgp/gpg/gnupg-1.0.6d-keygen.diff
With patched GPG to generate RSAv3 key:
gpg --expert --pgp2 --gen-key
This patch also enables to generate RSA v4 sign+encrypt key as single key.
Such keys are not recommended, it's better to generate RSA v4 sign-only key and
then generate RSA v4 encrypt-only subkey for it.
Anyway: to generate RSA v4 sign+encrypt key:
gpg --expert --gen-key
> Second question: If this isn't already implemented, are there plans to
> implement it, or is there some other way that I can approach this problem?
I believe users should be able to generate v3 keys in --expert mode,
but I don't think that Werner will apply this patch to official release... :(
__
Disastry http://disastry.dhs.org/
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1
iQA/AwUBPKLsYDBaTVEuJQxkEQPPoQCg6n++keIu+qF15ETDYlLRnYN28bIAoK9r
ifmdx4kLrRbKgB3rlaG0vsT+
=uxZW
-----END PGP SIGNATURE-----
More information about the Gnupg-devel
mailing list