using the same key from PGP and GPG
Leigh S. Jones
kr6x@kr6x.com
Fri Apr 26 07:27:01 2002
I don't seem to be having any trouble exporting keys from gpg 1.06
to PGP 7.03. I think I blundered into setting up the gpg "options"
file
with a set of choices that allow me to export my keys -- both secret
and public -- from one to the other (either direction) and
encrypt/decrypt either direction and sign/verify either direction.
Admittedly, I've limited my testing to methods that I actually intend
using. I do not "sign", I "clearsign". I do not "encrypt", I
"encrypt
ASCII-armored". I export my keys as ASCII-armored files. This
does not mean that the other methods, just that I haven't tested
the other methods.
And, the substantial majority of my testing has been done using
Windows NT. This has all been tested on a Sun system with
Solaris, on An HP system running HPUX, on a Cygwin bash
shell, on Linux, and on Windows 2000 as well, but generally
only a few tests were performed on each platform. The
majority of the testing effort done was intended to verify that
the keyring files from one platform could be used on the other
platforms with simple replacement of files, and that text files
that have been clearsigned using gpg could be verified on PGP
7.03 under Windows NT.
Throughout the effort (which was necessary for a project at
my work) the only problem uncovered was difficulty
accessing keyservers using 1.0.6 Win32 binary versions,
and this problem was not important to the project.
A few tiny oddities were revealed:
Relating to the use of WinPT to view key properties, when
the keys exported from PGP included a photograph,
often the photograph title would apparently be taken by
WinPT to be a user ID.
But I'm presently enjoying the use of WinPT, and I'll
probably make the move to gpg.exe and WinPT.exe
complete with the deletion of PGP from my systems
soon. The gpg/WinPT combination of software has
some limitations -- primarily that the level of integration
of PGP with e-mail tools like Outlook and Outlook
Express is very good and gpg doesn't quite meet this
standard -- but I generally prefer signing/verifying or
encrypting/decrypting the clipboard rather than in a
buffer within the e-mail tool. This is probably a poor
practice when you're connected to a large windows
network because windows has features aimed at pulling
data off of the clipboard on one system and putting it
on another system, and I'm not quite convinced that
there isn't a security issue there. Using a TCP
(forwarded) network eliminates this outside of the
local network because the windows stuff can't be
forwarded.
For me, --openpgp, sha1 hash, and --s2k-cipher-algo
3des, options were all called out in my successful options
file. Unfortunately, I don't have a copy of the good
options file at the moment -- I'll have to put it on the list
tomorrow. I think I abondoned the RFC1991 and
--force-v3-sigs options as being out of date, and used
CAST symmetric key encryption in PGP.
----- Original Message -----
From: "Vincent von Kaenel" <vincent@von-kaenel.com>
To: <gnupg-users@gnupg.org>
Sent: Thursday, April 25, 2002 7:23 PM
Subject: using the same key from PGP and GPG
> Hello,
>
> I have 2 computers, one Linux server and on Window PC. I would like
to
> share the same encryption key form both platforms. On the Linux box,
I'm
> using GPG 1.06 and from the PC box, I'm using Eudora with PGP 7.03.
>
> I tried to generate a key from GPG and export it to the PC box and
> encrypt/decrypt from both platforms. It appears that the PGP version
cannot
> decrypt a message encrypted from the box. I got an error "Bad
> packet" on the PGP version.
>
> I tried different version of the export command, including changing
the
>
> gpg -a --s2k-cipher-algo 3des --compress-algo 1 --rfc1991
> --export-secret-keys
>
> proposed in the FAQ of GNUPG. It did not work, I still get the bad
packet
> error.
>
> I did also the other way experiment, meaning generating keys on the
pgp
> box and exporting them to the GNUPG box and that seemed to work just
fine.
>
> Since I'm more confident in the open source software than in the PGP
> version, I would really like to be able to generate my keys with
GNUPG and
> exporting both the private and public keys to the PC.
>
> Does someone has a solution to this issue?
>
> Regards
>
> Vincent
>
> --
> -------------------------------------------------------
>
> Vincent von Kaenel
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users