A few more GnuPG / NAI questions
Fri, 7 Jan 2000 17:04:35 +0000
-----BEGIN PGP SIGNED MESSAGE-----
> -----Original Message-----
> From: Werner Koch [mailto:email@example.com]
> Sent: 07 January 2000 16:47
> To: firstname.lastname@example.org
> Subject: Re: A few more GnuPG / NAI questions
> [I removed the crosspost to -devel]
> On Fri, 7 Jan 2000, Simpson, Sam wrote:
> > a) Will GnuPG support "as standard" RSA (with or without
> IDEA) from Sept
> > 2000?
> Sure. However I still think that DSA keys are better.
FWIW, I agree totally - but there are still many "die hard" RSA
users that refuse to change (DUH!).
<SNIP RE: getting the decrypted session key>
> If you need this, someone will probably be able to implement it
> you and Shashdot will get a long thread ...
Yes, I see your point. Someone will see that you can get at the
decrypted session key and (out of ignorance...) shout about how
this is insecure :(
> > e) Question on key prefs(gpg --edit-key x|
> pref)....NAI/PGP created keys
> > report "S2 S3 S1" whilst GnuPG keys (of either type) report
> "S10 S3 H3 H2 Z2
> > Z1". I guess Sx refers to symmetric cipher whilst Hx is
> Hash and Zx is
> This means: Get the cipher algorithm by doing an intersection
> software algorithm list with Twofish, CAST5, 3DES
3DES is implicitly tagged onto the end...
> and use the first
> match. Same for hash algorithms and compression algorithm
This makes Twofish the default algorithm if two GnuPG
implementations (e.g. S10 first in the key options!) are used?
> > compression....My questions on this are: Is the first item
> in the list the
> > "prefered" option? Why isn't S3+S4 included in the GnuPG
> list? Why does
> You mean S3, S1? S1 is IDEA and not supported by GnuPG so it
> make sense to create keys which advertise that IDEA may be
(I'm probably confused on this option but...) I meant S3 + S4 -
S3 is CAST & S4 is Blowfish - these two are supported by GnuPG
and I'd expect them to be in this list.
> New GnuPG keys have Blowfish again in their list, as it has
> that it will take some more time to resolve some problems with
Not a key I've just created (w/v1.0.0).
> > NAI/PGP list only symmetric ciphers whereas GnuPG offers a
> more complete
> > list?
> GnuPG is better ;-). There are some defaults defined, so that
> is not real need for this in PGP.
> And PGP is not OpenPGP compliant.
Yes, so it would appear ;)
- -- http://www.scramdisk.clara.net/ for ScramDisk hard-drive
encryption & Delphi Crypto Components. PGP Keys available at the
-----BEGIN PGP SIGNATURE-----
Version: 6.0.2ckt http://members.tripod.com/IRFaiad/
-----END PGP SIGNATURE-----