Problem encrypting to a hushmail gpg key
Sean Rima
sean at srima.ie
Fri Jan 29 21:55:15 CET 2010
David
Yes the key is generated by hushmail.com. Not sure if they will listen
to me, but I will forward this to the list where the problem
originated
Thanks for the help and sorry for top posting, on my BlackBerry (and
sadly no gnupg)
Sean
On 1/29/10, David Shaw <dshaw at jabberwocky.com> wrote:
> On Jan 17, 2010, at 12:23 PM, Sean Rima wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hi
>>
>> A friend on the pgpnet mailing list is using a hushmail.com gpg key but
>> when I import it, I get:
>>
>> C:\Users\Sean Rima>gpg --import < test.txt
>> gpg: key C4E23A82: accepted non self-signed user ID
>> ""*********@hushmail.com" <---- at hushmail.com>"
>> gpg: key C4E23A82: public key ""---- at hushmail.com"
>> <jefallen at hushmail.com>"
>> imported
>> gpg: Total number processed: 1
>> gpg: imported: 1 (RSA: 1)
>>
>>
>> If I edit the key, I see:
>>
>> pub 0s/C4E23A82 created: 2010-01-07 expires: never usage: SC
>> [ unknown] (1). "------ at hushmail.com" <------ at hushmail.com>
>>
>>
>> I see there is no encrytion subkey.
>>
>> If I look at the key with --list-packets, I see
>>
>> C:\Users\Sean Rima>gpg --list-packets < test.txt
>> :public key packet:
>> version 4, algo 3, created 1262830845, expires 0
>> unknown algorithm 3
>
> Algorithm 3 is "RSA Sign-Only".
>
>> :public sub key packet:
>> version 4, algo 2, created 1262830846, expires 0
>> unknown algorithm 2
>
> Algorithm 2 is "RSA Encrypt-Only".
>
>> :signature packet: algo 3, keyid 7853D9CDC4E23A82
>> version 4, created 1262830857, md5len 0, sigclass 0x18
>> digest algo 2, begin of digest 8b f2
>> hashed subpkt 2 len 4 (sig created 2010-01-07)
>> subpkt 16 len 8 (issuer key ID 7853D9CDC4E23A82)
>> unknown algorithm 3
>>
>
> Both of those algorithms are deprecated in the OpenPGP spec: "RSA
> Encrypt-Only (2) and RSA Sign-Only are deprecated and SHOULD NOT be
> generated, but may be interpreted."
>
>> I am using gpg2.0.12 (waiting for gpg4win to be compiled to latest)
>
> The 1.4.x branch will interpret these deprecated keys (internally treating
> them as regular RSA with the appropriate encrypt or sign flags). I don't
> think gpg2 does that.
>
> Was this generated by Hushmail? If so, they to stop generating keys that
> the spec says SHOULD NOT be generated :)
>
> David
>
>
--
Sent from my mobile device
More information about the Gnupg-users
mailing list