Series of minor questions about OpenPGP 1
David Shaw
dshaw at jabberwocky.com
Mon Jan 26 15:52:19 CET 2009
On Jan 26, 2009, at 9:02 AM, Peter Thomas wrote:
> Hi folks.
>
> I'm currently reading RFC4880 and I think I have many minor
> questions... is the gnupg-users list the right place to ask? Or is
> there any better place?

Look for the ietf-openpgp mailing list at http://www.ietf.org/html.charters/openpgp-charter.html

> Anyway,... I think I start right now and ask my first question,..
> (think it's easier to handle if I ask only one or two questions per
> mail-thread).
>
> Hopefully you can help me and hopefully I'm not too annoying ;-)
>
> 1) In chapter 3.7.2.1 on page 13 it says that the octet can have
> values "255 or 254". Is there any difference between the two?

Yes, see section 5.5.3 for the exact details, but in general 254
indicates that there is a SHA-1 hash of the secret data included.
This is to prevent a secret key tampering attack.

> 2) I've dug a little bit into the bit layout of gpg created keys
> (with hd and pgpdump), and it seems that gpg creates packets with
> old packet format (bit 6 in the packet header cleared) whenever
> possible.
> What's the reason for this? I mean the RFC recommends to use the new
> packet format. Can I change that default behaviour? And if I have a
> key, that's already used and signed by others, could I convert it to
> using the new format?

You could convert it, but there is little point. The function of a
packet is the same no matter what. It's purely a question of the
*contents* of the packet. GPG uses the old format when possible for
backwards compatibility reasons.
David
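
The two header layouts discussed in question 2, as an added example that is not part of the original e-mail or of GnuPG's code: a parser for old- and new-format packet headers per RFC 4880 section 4.2, and a re-wrap of an old-format packet in a new-format header. The sample packet is constructed, and the function names are this example's own.

```python
# Added example: RFC 4880 section 4.2 packet headers (old and new format).

def parse_header(data, pos=0):
    """Return (fmt, tag, body_start, body_len) for the packet at data[pos]."""
    ctb = data[pos]
    if not ctb & 0x80:
        raise ValueError("bit 7 of the first octet must be set")
    if ctb & 0x40:                        # bit 6 set: new format
        tag, first = ctb & 0x3F, data[pos + 1]
        if first < 192:
            return "new", tag, pos + 2, first
        if first < 224:
            return "new", tag, pos + 3, ((first - 192) << 8) + data[pos + 2] + 192
        if first == 255:
            return "new", tag, pos + 6, int.from_bytes(data[pos + 2:pos + 6], "big")
        raise ValueError("partial body lengths not handled in this example")
    tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03   # bit 6 clear: old format
    if ltype == 3:
        raise ValueError("indeterminate length not handled in this example")
    n = 1 << ltype                        # 1, 2 or 4 length octets
    return "old", tag, pos + 1 + n, int.from_bytes(data[pos + 1:pos + 1 + n], "big")

def new_header(tag, length):
    """Encode a new-format header for a body of the given length."""
    if length < 192:
        enc = bytes([length])
    elif length < 8384:
        v = length - 192
        enc = bytes([(v >> 8) + 192, v & 0xFF])
    else:
        enc = b"\xff" + length.to_bytes(4, "big")
    return bytes([0xC0 | tag]) + enc

def to_new_format(packet):
    """Re-wrap one packet in a new-format header; the body is untouched."""
    _, tag, start, length = parse_header(packet)
    body = packet[start:start + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    return new_header(tag, length) + body

if __name__ == "__main__":
    # Constructed sample: old-format User ID packet (tag 13), 5-octet body.
    old = bytes([0xB4, 0x05]) + b"alice"
    new = to_new_format(old)
    print(parse_header(old), parse_header(new), new.hex())
```

The old format has only four tag bits, so it can carry tags 0 to 15 only; packets with higher tags must use the new format.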