Problems with compatibility between GnuPG 1.2.2 and PGPTools 7.0.3
David Shaw
dshaw at jabberwocky.com
Thu Sep 11 18:14:01 CEST 2003
On Thu, Sep 11, 2003 at 10:48:41AM -0400, Michael Young wrote:
> > I've thought about doing a "pgpX" macro. I'd rather that PGP did the
> > right thing rather than load up GnuPG with these sort of hacks though.
>
> It's already partially loaded. There are command-line switches
> that set these preferences, but they appear to work only for
> encryption, not key generation or editing [in 1.2.1, anyway].
True, but not completely true. The --pgpX switches do not set
preferences - rather, they eliminate preferences. This is a
significant difference, because forcing preferences by a switch could
actually cause the exact algorithm-not-available problem that the user
was trying to avoid. For example, when --pgp6 is used, the cipher
preferences are not set to IDEA/3DES/CAST5... rather, everything that
isn't IDEA/3DES/CAST5 is removed. You could do much the same thing
with "personal-cipher-preferences s1 s2 s3".
> I'd be equally happy if --gen-key or --edit-key/updpref would use the
> preferences from a --pgp7 (or similar) switch. This would involve
> no new switches or macros, but it would change behavior, so I knew
> you might be reluctant to do that.
The --pgpX flags are an interesting issue. The idea is to generate a
PGPx compatible *message*, not to emulate that version of PGP in all
matters. --pgpX is to be used on the (usually rare) occasion when the
preferences on a key are known to be wrong. It has little other
purpose.
(--pgp2 is a little different here since PGP 2.x is substantially
different from the modern PGPs, so that flag does more than restrict
preferences).
David
More information about the Gnupg-devel
mailing list