New beta
MFPA
2014-667rhzu3dc-lists-groups at riseup.net
Sat Sep 27 16:21:26 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Thursday 25 September 2014 at 7:12:12 PM, in
<mid:54245AFC.3030007 at gmail.com>, Murphy wrote:
> On 09/25/2014 01:06 PM, MFPA wrote:
>> Other than whether GnuPG 1.x locks up on encountering
>> the unrecognised key type when trying to encrypt, or
>> whether it errors out, or just uses the next
>> encryption-capable subkey. I think this can only be
>> tested with the public key.
> Also here are the public keys for Grumpy from both gpg
> and gpg2.1
Thanks.
Using GnuPG 1.4.18, I succcessfully signed with and encrypted to
Grumpy's key.
GnuPG output for signing:-
C:\Documents and Settings\Administrator\Desktop\Scribble_Pad>gpg
--local-user grumpy --clearsign test.txt
gpg: using character set `utf-8'
gpg: can't handle public key algorithm 19
gpg: no secret subkey for public subkey 0x4EB8453C635A015B -
ignoring
You need a passphrase to unlock the secret key foruser: "Grumpy
(RSA) <g at g>"
2048-bit RSA key, ID 0x0C6C60ECF7CD83F4, created 2014-09-24
gpg: writing to `test.txt.asc'
gpg: RSA/SHA512 signature from: "0x0C6C60ECF7CD83F4 Grumpy (RSA)
<g at g>"
The file was signed with the main key after not recognising the secret
subkey. Signature verified OK.
GnuPG output for encryption(+signing):-
C:\Documents and Settings\Administrator\Desktop\Scribble_Pad>gpg
--local-user gr umpy --clearsign test.txt
gpg: using character set `utf-8'
gpg: can't handle public key algorithm 19
gpg: no secret subkey for public subkey 0x4EB8453C635A015B -
ignoring
You need a passphrase to unlock the secret key for user: "Grumpy
(RSA) <g at g>"
2048-bit RSA key, ID 0x0C6C60ECF7CD83F4, created 2014-09-24
File `test.txt.asc' exists. Overwrite? (y/N) y
gpg: writing to `test.txt.asc'
gpg: RSA/SHA512 signature from: "0x0C6C60ECF7CD83F4 Grumpy (RSA)
<g at g>"
File was encrypted to the older, encryption-capable, RSA subkey.
Decrypted OK (and the signature was good).
So, it would seem that adding ECC signing subkeys to an RSA key does
not completely break compatibility with GnuPG 1.4.18: the 1.4.x user
can still encrypt to the non-ecc subkey and can sign with the main
key. Obviously ECC signatures could not be checked with 1.4.x.
Presumably, it would still work if the ECC subkey were an
encryption-capable subkey. But I have not seen this in action.
And I wonder whether 1.4.x could cope with RSA subkeys on an ECC main
key.
- --
Best regards
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
Learning without thought is naught;
thought without learning is dangerous.
-----BEGIN PGP SIGNATURE-----
iPQEAQEKAF4FAlQmx+tXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5plNQD/39jYLv3f3TumrDZ0HFDpFXTLWEDI0tAVRpy
DrYXdBl+4LUIaAajw6IKC14BssCCmkswhz2CHbSnzVRrly1kc1j/AZgKrhVNnptK
UyE/FH1v8rps51fY2D6Fe4XLiEGHE5MgeET9KdqYyQ5WVSOBkDVYQOt3LixBb/eB
HK+Yx4Jo
=bush
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list