RSA key size restriction?
David Shaw
dshaw at jabberwocky.com
Sun Dec 14 19:00:08 CET 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, Dec 11, 2003 at 10:57:10PM +0100, Johan Wevers wrote:
> David Shaw wrote:
>
> >> Hmm. I wonder how many of those keys were actually generated by GnuPG
> >> and how many were made by certain hacked versions of PGP.
>
> >Yes, but before the key was generated, they had to agree to:
> > The use of this algorithm is only supported by GnuPG.
>
> Doesn't pgp 5.0i for Unix support this? I remember having generated a
> key:
>
> sec 1024D/624B3B3E 1999-10-26 Johan Wevers <johanw at vulcan.xs4all.nl>
> uid Johan Wevers <johanw at xs4all.nl>
> ssb 3072g/1B240FEE 1999-10-26
>
> where gpg complained about insecure key type, once with this version (that,
> BTW, has a RNG bug that compromises security), but I already had it revoked
> for another reason before this GnuPG bug was discovered (the key was already
> possibly compromised, even without faulty signatures).
If I recall, there was a version of PGP that did allow using Elgamal
keys for signatures, but it used the Elgamal encrypt-only keytype to
do it. There was some uncertainty back then - PGP 5.0 came out nearly
a year before RFC-2440.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iD8DBQE/3PmI4mZch0nhy8kRAv1DAJ9pE/wxLJNZK65nvg+R5MmLQF2XbgCePtxQ
8C29ZQXyH4JUHzpE9aiRrfE=
=eD2e
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list