A few more GnuPG / NAI questions

Simpson, Sam s.simpson@mia.co.uk
Fri, 7 Jan 2000 15:24:46 +0000 

Excuse me if these questions have been posed (and answered!) previously.  I
have looked at the Mini-FAQ and other documentation etc.

I am very new to GnuPG but have used NAI PGP extensively.  I think GnuPG is
FAR better than PGP because of its versatility, but have a couple of
technical queries:

  a) Will GnuPG support "as standard" RSA (with or without IDEA) from Sept
2000?
  
  b) I think a strong argument can be made for allowing a user to "get at"
(e.g. print on the screen) the decrypted session key in case of a court
order rather than having to give up the asymmetric key.  A corresponding
feature could then be added to decrypt a message with a given session key.
Are there any problems with this approach and if not why hasn't it been
implemented?  I've seen the November discussion on the development list RE
this and Werner seems to not like this approach - but I can't think why.
Surely it is empowering users?  I appreciate that I could implement this
myself trivially, but IMHO this is such a potentially useful feature that it
should be a part of the standard distribution.

  c) Are there any downsides to using ElGamal encrypt + sign keys (apart
from the lack of interoperability w/PGP users and the size of signatures...)

  d) Can I create an RSA key with GnuPG?????  I've got the IDEA/RSA modules
compiled and installed but can't find a way of creating an RSA key?

  e) Question on key prefs(gpg --edit-key x| pref)....NAI/PGP created keys
report "S2 S3 S1" whilst GnuPG keys (of either type) report "S10 S3 H3 H2 Z2
Z1".  I guess Sx refers to symmetric cipher whilst Hx is Hash and Zx is
compression....My questions on this are: Is the first item in the list the
"prefered" option?  Why isn't S3+S4 included in the GnuPG list?  Why does
NAI/PGP list only symmetric ciphers whereas GnuPG offers a more complete
list?


I think GnuPG is the sexiest thing since sliced bread.  TIA,

Sam Simpson
Communications Analyst
-- http://www.scramdisk.clara.net/ for ScramDisk hard-drive encryption &
Delphi Crypto Components.  PGP Keys available at the same site.