Can't decrypt PGP 8 msg

Christian Kanja Christian.Kanja at glueckkanja.com
Thu Oct 9 10:18:34 CEST 2003 

hi david,

"particularly well"... ;-). well, you're somehow right, we made a minor
mistake which was a major problem for gnupg - we did not label the
hash-algorithm and we used IDEA a little bit often.

both is fixed in the new version of cryptoex. we do label the correct
hash and we do not use IDEA if not especialy preferred. and its worth a
look - i think with the new Outlook integration we made a major step
forward in usability for crypto applications.

hope that these changes will help us working together with the
gnupg-community - we would really appreciate feedback if there are
issues in compatibility and we will try to fix these issues fast.

best regards,
christian kanja

ps: i am not sure if this mail will reach the mailing list because i am
not a member of this list. if not, i would appreciate if you forward my
answer. thanks!


===================================================================
christian kanja
glueck & kanja technology ag
christian-pless-strasse 11-13, d-63069 offenbach, germany
phone +49 69 800706 0, fax +49 69 800706 66
web http://www.glueckkanja.com
===================================================================
use strong cryptography to protect your e-mails! 
===================================================================

-----Original Message-----
From: gnupg-users-admin at gnupg.org [mailto:gnupg-users-admin at gnupg.org]
On Behalf Of David Shaw
Sent: Saturday, September 13, 2003 2:41 PM
To: Gnupg-Users
Subject: Re: Can't decrypt PGP 8 msg

On Fri, Sep 12, 2003 at 01:10:23PM -0400, Eugene Smiley wrote:
> Eugene Smiley wrote:
> > Ah, well I correspond with some users who use S/MIME and some who
> > use PGP/GPG. I'm just too lazy to remember to switch back and forth
> > between the two when I can do both. ;)
> 
> Then someone goes and posts the message below to
> pgp-users at cryptorights.org about the CryptoEx plug-ins that manage the
> signing process under MS Outlook or Lotus Notes. Un/forunately I am
> done with Outlook and Notes. ;)

CryptoEx, historically, has not followed the OpenPGP spec particularly
well.  I wonder if they've fixed that yet.

No matter what hash algorithm was really used in clearsigning,
CryptoEx labels it as "MD5" which breaks verification.  It also
encrypts to sign-only keys...

David

More information about the Gnupg-users mailing list