GnuPG and PGP 5.0 compatibility problem
Stefan
stefan-oltmanns at gmx.net
Tue Jul 17 18:45:23 CEST 2007
Robert J. Hansen schrieb:
>> I got a problem with GnuPG and PGP 5.0:
>
> PGP 5.0 substantially predates RFC2440, the IETF standard which GnuPG
> implements. In fact, GnuPG doesn't even have a PGP 5 compatibility
> mode. (It has --pgp6, --pgp7 and --pgp8, but nothing for PGP 5.)
>
> PGP 5.0 is very, _very_ out of date. Please consider upgrading to
> something more recent and standards-conformant.
I got the latest GnuPG. The bank uses "PGP 5.0 for OS/2", unfortunately
I can´t change that.
But I possibly found out the problem: I exported several public keys I
had to PGP 5 and tried to use them for encryption. Some of them worked,
and some (including mine) not. I analyzed the keys with --list-packets
and found out, that the keys that doesn´t work, contain "key flags"
(subpacket 27).
Unfortunately I haven´t found out how to remove this from my key, is
there a (simple) way to do that?
>
>> In case you´re wondering, I do have PGP only for testing purpose,
>> because I can´t get EUMEL of the 1822direkt bank (a system that sends
>> you a OpenPGP encrypted mail with financial transactions on your
>> account) to work, they use PGP 5.0.
>
> To me, this would cause me to doubt whether I wanted them to have my
> financial information at all.
But that doesn´t mean PGP 5 is insecure in any way, it´s just outdated
and not RFC2440 conform, right?
More information about the Gnupg-users
mailing list