New beta

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Sat Sep 27 16:21:26 CEST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Thursday 25 September 2014 at 7:12:12 PM, in
<mid:54245AFC.3030007 at gmail.com>, Murphy wrote:


> On 09/25/2014 01:06 PM, MFPA wrote:
>> Other than whether GnuPG 1.x locks up on encountering
>> the unrecognised key type when trying to encrypt, or
>> whether it errors out, or just uses the next
>> encryption-capable subkey. I think this can only be
>> tested with the public key.

> Also here are the public keys for Grumpy from both gpg
> and gpg2.1

Thanks.

Using GnuPG 1.4.18, I succcessfully signed with and encrypted to
Grumpy's key.


GnuPG output for signing:-


      C:\Documents and Settings\Administrator\Desktop\Scribble_Pad>gpg
                   --local-user grumpy --clearsign test.txt

      gpg: using character set `utf-8'
      gpg: can't handle public key algorithm 19
      gpg: no secret subkey for public subkey 0x4EB8453C635A015B -
      ignoring

      You need a passphrase to unlock the secret key foruser: "Grumpy
      (RSA) <g at g>"

      2048-bit RSA key, ID 0x0C6C60ECF7CD83F4, created 2014-09-24

      gpg: writing to `test.txt.asc'

      gpg: RSA/SHA512 signature from: "0x0C6C60ECF7CD83F4 Grumpy (RSA)
      <g at g>"

The file was signed with the main key after not recognising the secret
subkey. Signature verified OK.



GnuPG output for encryption(+signing):-


      C:\Documents and Settings\Administrator\Desktop\Scribble_Pad>gpg
      --local-user gr umpy --clearsign test.txt

      gpg: using character set `utf-8'
      gpg: can't handle public key algorithm 19
      gpg: no secret subkey for public subkey 0x4EB8453C635A015B -
      ignoring


      You need a passphrase to unlock the secret key for user: "Grumpy
      (RSA) <g at g>"
      2048-bit RSA key, ID 0x0C6C60ECF7CD83F4, created 2014-09-24

      File `test.txt.asc' exists. Overwrite? (y/N) y
      gpg: writing to `test.txt.asc'
      gpg: RSA/SHA512 signature from: "0x0C6C60ECF7CD83F4 Grumpy (RSA)
      <g at g>"

File was encrypted to the older, encryption-capable, RSA subkey.
Decrypted OK (and the signature was good).

So, it would seem that adding ECC signing subkeys to an RSA key does
not completely break compatibility with GnuPG 1.4.18: the 1.4.x user
can still encrypt to the non-ecc subkey and can sign with the main
key. Obviously ECC signatures could not be checked with 1.4.x.

Presumably, it would still work if the ECC subkey were an
encryption-capable subkey. But I have not seen this in action.

And I wonder whether 1.4.x could cope with RSA subkeys on an ECC main
key.


- --
Best regards

MFPA                    mailto:2014-667rhzu3dc-lists-groups at riseup.net

Learning without thought is naught;
 thought without learning is dangerous.
-----BEGIN PGP SIGNATURE-----

iPQEAQEKAF4FAlQmx+tXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5plNQD/39jYLv3f3TumrDZ0HFDpFXTLWEDI0tAVRpy
DrYXdBl+4LUIaAajw6IKC14BssCCmkswhz2CHbSnzVRrly1kc1j/AZgKrhVNnptK
UyE/FH1v8rps51fY2D6Fe4XLiEGHE5MgeET9KdqYyQ5WVSOBkDVYQOt3LixBb/eB
HK+Yx4Jo
=bush
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list