followup: signing with a v3 rsa key in 1.1.9.2

disastry@saiknes.lv disastry@saiknes.lv
Tue Sep 17 11:09:06 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

vedaal wrote:
> found the reason:
> 
> rsa v3 keys generated in 6.5.8 have the symmetric algo as 'cast-5' by default,

not by default.
6.5.8 uses CAST5 or 3DES for RSA v3 keys _only_ if IDEA is disabled.

> while in 2.6.x it is 'idea'

with 2.6.3ia-multi06 you can use CAST5 and other ciphers too..

> what is unusual, is that if the key is checked in 'key properties' in pgp keys,
> the symmetric algo is listed as 'idea' for 'any' v3 rsa key, no matter how it was generated,
> 
> the actual algo used will be listed in pgpdump,

6.5.8ckt shows the cipher that was used to encrypt secret key.

> so, the 2.6.x keys need the 'idea' module installed,
> while v3 rsa keys generated in later versions,

they need IDEA module too, normally

> {or in 2.6.x Multi with the option specified as a non-'idea' algorithm},
> do not
> 
> vedaal

__
Disastry  http://disastry.dhs.org/
http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon
 ^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
      AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
-----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1

iQA/AwUBPYa4BDBaTVEuJQxkEQOeEQCg7PGjjufhMFCg/e594D7GAESgglQAoL2p
ZpL396OSMJV5bkYbPfYHeW3i
=h+tH
-----END PGP SIGNATURE-----