Werner Koch
Fri, 14 Apr 2000 10:46:13 +0200

On Thu, 13 Apr 2000, L. Sassaman wrote:

> about 5.x violations. Show me 6.0 non-compliance issues, other than the
> photo-id packet. Please. (And by the way, OpenPGP *is* an emulation of PGP
> Inc.'s product. ;) )
There used to be a signature subpacket with some X.509 data, the subpacket number was not in the private/experimenatl range and not specified by OpenPGP.
> Note, also, that GnuPG does not use DSS by default. The jury is still out
> on the effectiveness of RIPEMD160 in place of SHA-1 when used with DSA. It
Hmmm? just did a simple test without any special options (gpg -s hallo): $ gpg --list-packets hallo.gpg
:compressed packet: algo=1
:onepass_sig packet: keyid 6C7EE1B8621CC013
version 3, sigclass 00, digest 2, pubkey 17, last=1
:literal data packet:
mode b, created 955701015, name="hallo", raw data: 6 bytes
:signature packet: algo 17, keyid 6C7EE1B8621CC013
version 3, created 955701015, md5len 5, sigclass 00 digest algo 2, begin of digest bf b4 data: [158 bits] data: [160 bits] digest algo 2 is SHA-1, so it looks very much like DSS; I have to confess that the GnuPG does not use the recommended prosecure for key generation. -- Werner Koch OpenPGP key 621CC013 OpenIT GmbH tel +49 211 239577-0 Birkenstr. 12 email D-40233 Duesseldorf