DSA = DSS?

L. Sassaman rabbi@quickie.net
Sat, 12 Aug 2000 12:56:25 -0700 (PDT) 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> (Thanks to Werner and yourself I have a better understanding of things

> now. Much gratitude! I need to explicitly clarify, though.)


Always glad to help.
 

> So, if PGP does DSA-SHA1 (but, calls it DSS - fine), and GnuPG does the

> same (it's the default --gen-key option afterall), therefore both can fully

> inter-operate in this pubkey format? 


Yes.
 

> Ditto ELG-E/DH?


Yes. 


> > [To GPG<->PGP] just disable that ELG support, and add the RSA and IDEA

> > modules (provided it's leagal where you are).

> 

> OK.

> 

> [Recapping]

> 

>    		GnuPG		PGP

>    		-----		---

> 

> (DSA/DSS)SHA1	  Y		 Y

> 

> ELG-E/DH	  Y		 Y

> 

> ELG		  Y		 N

> 

> RSA		  N*		 Y

> 

> IDEA		  N*		 Y

> 

> * It is Y(es) if the module/patch available is applied. 


It's definately not a patch. I'll go into the differences if need be...


> I am already aware that GnuPG can do RSA (although can it also generate

> RSA keys after patching?), but rather I was more wondering how firm was the

> inter-operation of the newer pubkey/signkey formats between the two

> applications? 


GnuPG cannot generate rsa v3 keys. I am told that after sept 20, rsa v4
keys will be able to be generated, and there will be no more rsa
module. (rsa v3 and v4 support will be included in GnuPG. Note that PGP
7.0 will also create v4 RSA keys).
 

> Thus, it appears to me at this point that if I use the default GnuPG

> --gen-key option (DSA + ELG-E w/SHA1) I will be just fine communicating

> with PGP 5/6 users. 


Yep. Just be sure to have the --force-v3-sigs option turned on. (PGP 7.0
will handle v4 sigs, but earlier versions don't on non key material.) I
think that is default in the config file, though.


- --Len.

__

L. Sassaman

System Administrator                |  "And all our yesterdays
Technology Consultant               |   have lighted fools..."
icq.. 10735603                      |  
pgp.. finger://ns.quickie.net/rabbi |          --Shakespeare







-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE5lavxPYrxsgmsCmoRAlQYAJsHg6Rb2ZA7xcJwwacxl3lGNU3v7wCbBNMm
vXWVV+mBZ6dwKu5w/pt5uTs=
=dS2k
-----END PGP SIGNATURE-----

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org