Can't compile RSA / IDEA under Windows
Wed, 6 Sep 2000 13:42:38 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Werner Koch wrote:
> > So, how could the IDEA / Windows version be solved ?
> Wait until 2007.
Am I right understanding your statement as meaning that making GnuPG
compatible with the most trusted and original versions of PGP is of
absolutely no interest to you ?
Well, I have the feeling that a big lot of PGP users and free crypto
supporters wouldn't share this point of view.
On the opposite, many people seem to consider that the success and
diffusion of GnuPG will be very closely related to its ability of
being easily compatible with existing versions of PGP, and existing
PGP keys, on the most common platforms.
If GnuPG wants to be considered as a serious alternative to PGP and a
possible replacement for it, it *has* to put compatibility on the top
of its priorities-list.
> Or go and fix PGP 2 to use CAST5 instead of IDEA - it should be not
> that comlicated. Well, there is still the problem with PGP2's ugly
> way of storing signatures.
Asking to "go fix PGP 2" is pure nonsense. Are you speaking seriously
The way PGP 2 stores signatures may be ugly -- or may not. But one
cannot ignore the fact that PGP 2 was there *years* before GnuPG and
has become so largely trusted that it has become a de facto worldwide
The interesting article "Replacing PGP 2.x with GnuPG" from Kyle
Hasselbacher, available at http://www.gnupg.org/gph/en/pgp2x.html
clearly shows that GnuPG is intrinsically capable of being compatible
with PGP 2.x, but that the choice of making it easy has not been
It would probably be quite trivial to add some options like
- --compat-PGP26x or --compat-PGP5x that would set GnuPG operations
accordingly, rather than having to do some kind of puzzle work trying
to combine the individual existing esoteric options such as --rfc1991
or --force-v3-sigs --s2k-* or --cipher-algo --compress-algo
- --digest-algo .
These options are interesting for specialists, but are definitely not
usable for the average user that would simply like to encrypt a
message that would be readable for a PGP2 user.
Furthermore, the messages that GnuPG displays when using RSA keys or
the IDEA algorithm, stating these are "deprecated" or "obsolete" and
advising the user to "upgrade" are clearly partial.
RSA and IDEA may be encumbered with patent issues (soon to be solved
for RSA), these issues do not make these algorithms "deprecated" nor
"obsolete" nor less trustable than DH/DSS or CAST5.
Therefore, displaying such messages is a partial choice based on
personal opinions and not technical facts.
It would be great if GnuPG could get rid of these little issues,
because it would immediately make it a very serious challenger to
PGP, and would help for its large diffusion.
I wish this message can be understood not as being a personal attack,
or any attempt to start flamewars, this really not being in my
I only wanted to make clear features that a *lot* of current PGP
users currently expect from GnuPG, in the hope that such demands will
Michel Bouissou <email@example.com> PGP DH/DSS ID 0x5C2BEE8F
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
Comment: Corrigez le bug PGP ADK. Installez PGP 6.5.8 ou superieur.
-----END PGP SIGNATURE-----
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to firstname.lastname@example.org