GnuPG and PGP 5.0 compatibility problem

Stefan stefan-oltmanns at
Tue Jul 17 18:45:23 CEST 2007

Robert J. Hansen schrieb:
>> I got a problem with GnuPG and PGP 5.0:
> PGP 5.0 substantially predates RFC2440, the IETF standard which GnuPG 
> implements.  In fact, GnuPG doesn't even have a PGP 5 compatibility 
> mode.  (It has --pgp6, --pgp7 and --pgp8, but nothing for PGP 5.)
> PGP 5.0 is very, _very_ out of date.  Please consider upgrading to 
> something more recent and standards-conformant.

I got the latest GnuPG. The bank uses "PGP 5.0 for OS/2", unfortunately 
I can´t change that.
But I possibly found out the problem: I exported several public keys I 
had to PGP 5 and tried to use them for encryption. Some of them worked, 
and some (including mine) not. I analyzed the keys with --list-packets 
and found out, that the keys that doesn´t work, contain "key flags" 
(subpacket 27).
Unfortunately I haven´t found out how to remove this from my key, is 
there a (simple) way to do that?

>> In case you´re wondering, I do have PGP only for testing purpose,
>> because I can´t get EUMEL of the 1822direkt bank (a system that sends
>> you a OpenPGP encrypted mail with financial transactions on your
>> account) to work, they use PGP 5.0.
> To me, this would cause me to doubt whether I wanted them to have my 
> financial information at all.

But that doesn´t mean PGP 5 is insecure in any way, it´s just outdated 
and not RFC2440 conform, right?

More information about the Gnupg-users mailing list