PGP and GPG

Michael H. Warfield mhw@wittsend.com
Mon, 13 Nov 2000 16:08:27 -0500 

On Mon, Nov 13, 2000 at 07:56:11PM +0000, Graham wrote:

> -----BEGIN PGP SIGNED MESSAGE-----

> Hash: SHA1



> Hi there, Brad Handy,



> On 13 November 2000, I received the following message from you regarding

> "PGP and GPG"



> BH> Can PGP encrypted messages be decrypted by GPG and vice versa?  If both are

> BH> decrypt the other then what versions of PGP can GPG understand and what

> BH> versions of GPG can PGP understand?

> BH> 

> BH> Brad



> Under Windows, PGP 5.x to 7.0 messages can be decrypted by GnuPG 1.0.4,

> but PGP 2.6.x messages cannot.  If GnuPG (Windows version) is used to

> generate a key which will encrypt a message, PGP cannot decrypt it.

> However, if GnuPG is used to encrypt with a key generated by PGP 5.x

> to 7.0, the message can be decrypted by PGP 7.0 and may be decrypted

> by PGP 6.x.x  I am not sure about PGP 5.x.x, as I have not had to deal

> with messages using keys generated by PGP 5.x AFAIK.


	Why is it that I can decrypt PGP 2.6.x messages by GnuPG under
Unix but you can not under Windows?  Is it because you can not specify
the configuration options you need or is it because you can not load
the "idea" module?

	Under Unix, GnuPG 1.0.4 seems to decrypt 2.6.x messages just fine
provided that you have loaded the "idea" dynamic module and you have
specified the following options:

	--compress-algo 2
	--cipher-algo IDEA
	--digest-algo MD5
	--s2k-cipher-algo IDEA
	--s2k-digest-algo MD5
	--rfc1991
	--allow-non-selfsigned-uid

	If you have an earlier version of GnuPG, you REALLY need to upgrade
due to the file verification bug.  But you may also need to load the rsa
dynamic module if you have a version prior to the expiration of the RSA
patent and the inclusion of rsa into the base package.


> GnuPG will deal easily with Twofish encryption as used in PGP 7.0



> Broadly speaking, GnuPG is a better encryption/verification program

> than PGP IMHO, but in Windows it does not yet have the GUI that PGP

> does, nor keyserver support.


	True...  Very true...


> Graham                  reply to: graham@todd276.worldonline.co.uk



> Please PGP/GnuPG sign mail for verification and encrypt for internet security


	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org