effects and incompatibilities between GPG1.0.6 and PGP CKT 06

Graham graham.todd@ntlworld.com
Sun Jul 8 20:27:01 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there, pplf,

On 08 July 2001, I received the following message from you regarding
"effects and incompatibilities between GPG1.0.6 and PGP CKT 06"


>
> > I'm surprised by that because the CKT builds of PGP
> > have been around to my knowledge since PGP 5.x and
> > Imad is both well respected and well known in
> > Windows circles.
>
> The CKT versions have been created to allow big keys (RSA 16k bits) and
> some others customisations.
This may have been the reason the early ckt builds were built, but it is not the main reason now and although you CAN create big keys the documentation now warns against it.
>
> For info, PRZ has asked PGP users to not use these CKT versions for
> compatibility reasons.
PRZ asked that big keys not be used and warned against the use of experimental code, he did not specifically state that CKT builds should not be used. In fact your own quote goes on: QUOTE This is part of the reason why we ask people not to release code changes on their own, but to send them to us, so that we may incorporate some of them (if they seem like good ideas) into our next product release. That is how PGP enhancements from the user community have always been managed since PGP source code was released in 1991. END QUOTE but PGP 6.5.8 is no longer supported by NAI. Those of us who use e-mailers other than those for which NAI has written plug-ins are forced to use PGP 6.5.8, but PGP 6.5.8ckt has security enhancements and additional algorithms incuded and sharpen up the code. There is no "next product release" for us and until NAI issue the SDK for PGP 7.x.x I will happily use PGP 6.5.8ckt
>
> I am not sure that the CKT versions are considered as "respected
> versions" by all the GnuPG / PGP users...
That's a sweeping statement. Certainly some GnuPG/PGP Users might not. But the PGP-Basics group at Yahoo, does (where people are abandoning PGP 7.x.x for PGP 6.5.8ckt), and the Becky Users PGP Forum does, both of which I moderate I am happy to debate this forever, but I think its getting a bit OT. My earlier point has not been answered: how about inviting Imad into the OpenPGP WG where we can all benefit from his input? - -- Graham <graham.todd@ntlworld.com> Please use my PGP/GnuPG Key ID: 0xE935DB9D Written on 08 July 2001 19:05:20 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) Comment: Powered By Becky!2 iD8DBQE7SKWXIwtBZOk1250RAnEKAKCd/f6gzWoOZtZFZCYhpBv7PK5QwQCg+SDW kfweJJMa3O/HrpZANODQlbE= =0kw7 -----END PGP SIGNATURE-----