need help for GPG 1.2.1 binary for REHL 5.8

Peter Lebbing peter at digitalbrains.com
Thu Aug 22 10:48:28 CEST 2013


> I try to reply Peter. But it has bounced from his email id.

The mail got delivered to me without generating a bounce, or as my primary mail
server liked to put it:

2013-08-21 02:48:53 1VBwbV-00021r-DK <= prvs=93857aca4=snehendu.ghosh at tcs.com
H=inmumg02.tcs.com [219.64.33.222] I=[83.161.152.50]:25 P=esmtp S=12319
id=OF6479E12C.F115F479-ONCA257BCE.00031D1A-CA257BCE.0004895B at tcs.com
2013-08-21 02:48:54 1VBwbV-00021r-DK => peter at digitalbrains.com
R=special_routing T=remote_smtp H=butters.digitalbrains.com [2001:980:a370::4]
X=TLS1.0:RSA_AES_256_CBC_SHA1:32 C="250 OK id=1VBwbM-0008DP-6l"
2013-08-21 02:48:54 1VBwbV-00021r-DK Completed

The mail also got delivered to gnupg-users as the web archive has it, so I think
the problem was either on your side or with one of the CC:-addressees.

> I was not listed previously. Sending again.

I don't understand what you mean.

On to the subject...

> Now the problem is the existing iHUb system is very old and it has 1.2.1 
> version for encryption/decryption. We are assuming all the third parties are 
> using same old version for encryption/decryption in their side.

I keep being amazed by companies using very old software which handles data
coming from the internet. Especially if that software includes GnuPG, which is
supposed to Guard something. All this old software is simply not safe anymore
because there are known security issues /which have not been fixed/ because you
are supposed to use a more recent version where the issues /are/ fixed. Back
then, the programs were fine because the security issues were (in principle) not
known, and people need to know about the issue to exploit it (or fix it). These
days, the issues /are/ known and a bit of Googling or reading release notes can
get you on the path to exploitation. I'm not talking about GnuPG here
specifically, I'm talking about ancient, unsupported software in general.

> And there is no issue with encryption/decryption in existing system. It is 
> much stable.

You don't /see/ security issues.

> Now assume a scenario, where we implement 1.4 version in our to-be system, 
> encrypt a file with 1.4 version and send it to a third party. We are not
> sure if that third party will able to do decryption using a lower version.

I wholeheartedly agree with Robert J Hansen's reply: GnuPG implements the
OpenPGP /standard/. Different implementations are explicitly supposed to work
with eachother, and there should be no problem with using 1.4 with 1.2.1.
"Should be" is not meant to say "I'm reasonably sure", it's meant to say "it's
designed that way".

> Can we set up a tele-conference with you today so that we can explain you our
> requirement ?

This is a public mailing list for users enthusiastic about GnuPG and the
developers to talk about the program and crypto in general. If you need
commercial support, please contact g10 Code GmbH, owned by Werner Koch, the
principal author of GnuPG.[1]

Good luck,

Peter.

PS: Some people on this list would much prefer it if you send plaintext mails,
without the HTML part. Or, as in the "About Gnupg-users" text on the mailman
page[2]:
> Some kinds of postings will not be accepted: e.g. large ones, mails without 
> the list name in the To: or CC: header and HTML mails. Your mail client does 
> have an option to send plain text only messages; try this if you don't get 
> your posting through or notice it in the archive.

[1] http://g10code.com/
[2] http://lists.gnupg.org/mailman/listinfo/gnupg-users

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list