Can't compile RSA / IDEA under Windows

Werner Koch wk@gnupg.org
Wed, 6 Sep 2000 14:31:00 +0200 

On Wed, 6 Sep 2000, Michel Bouissou wrote:


> Am I right understanding your statement as meaning that making GnuPG

> compatible with the most trusted and original versions of PGP is of

> absolutely no interest to you ?


Not if this bloats the code.  If someone wants to add such a feature
to a wrapper, GnuPG already has some options to help with that.

Have a look at the current keyserver stats (pgp.net):

Version 2 keys:       17763         
Version 3 keys:      115803         
Version 4 keys:     2062301         
RSA keys:            133556         
RSA keys (sign):          8         
RSA keys (encrypt):       8         
ELGamal keys:       1032275         
DSA keys:           1029819    

So we have 10 times more DSA/ElGamal keys than old RSA keys; I don't
see any reason to add more PGP compatibility.  The old RSA keys are
usable without any restrictions in 2 weeks,  IDEA is used only to
protect the secret key (trivial to change) and as the session key in
mails.  If you keep a large pile of PGP 2 encrypted mails in an
archive you can write a script to reencrypt them with a non-patented
algorithm.


> Asking to "go fix PGP 2" is pure nonsense. Are you speaking seriously

> ?


Yes.  It is not much work to hack PGP2 to support CAST5  - however,
IMO I don't think it is worth the time.


> The way PGP 2 stores signatures may be ugly -- or may not. But one

> cannot ignore the fact that PGP 2 was there *years* before GnuPG and

> has become so largely trusted that it has become a de facto worldwide


There is no problem to verify PGP 2 created signatures.  It simply
works (if you can use RSA)


> RSA and IDEA may be encumbered with patent issues (soon to be solved

> for RSA), these issues do not make these algorithms "deprecated" nor

> "obsolete" nor less trustable than DH/DSS or CAST5.

> Therefore, displaying such messages is a partial choice based on

> personal opinions and not technical facts.


It is not my personal opinion but the one of the GNU project.
Please read the GPL to see why we can't distribute any software 
which uses an patented algorithm.


> It would be great if GnuPG could get rid of these little issues,

> because it would immediately make it a very serious challenger to

> PGP, and would help for its large diffusion.


So startup your editor and implement that feature in pgpgpg, gpg or
wherever you want it.  But keep in mind that you are going to
violate the license if you add IDEA to the distribution.

  Werner
  

-- 
Werner Koch				GnuPG key:  621CC013
OpenIT GmbH                             http://www.OpenIT.de

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org