HOWTO on interfacing with gnupg/pgp?

Werner Koch wk@gnupg.org
Mon Jun 18 22:23:01 2001


 || On Mon, 18 Jun 2001 21:05:10 +0200 (MET DST)
 || Johan Wevers <johanw@vulcan.xs4all.nl> wrote: 

 jw> Only if you pay for it. :-)

No.  By using IDEA you show that there is still an interest in
patented algorithms.

 jw> the GPL, but I can't find any additional restrictions. The doc's don't say

It says somewhere:  If you want to make money with PGP you have
to arrange with me how I can get my share.  This does not qualify it
as Free Software according to any definition - except for those of Apple
an MS ;-)

 jw> BTW, what are the security issues that pgp 2 suffers and gnupg solves?
 jw> The only one I can think of is the usage of secure memory.

It is really easy to fake the keyID, the same key is used or signing
and encryption and you can tamper with an encrypted text.  The last
point is only fixed in the OpenPGP update which is implemented in
GnuPG and PGP 6.5.8 (MDC on encrypted packets).

Ciao,

   Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus