Where is the "INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS section"?
kynnjo at gmail.com
Thu Jul 25 22:28:08 CEST 2019
@Daniel : thanks!!!
On Thu, Jul 25, 2019 at 4:11 PM Daniel Kahn Gillmor <dkg at fifthhorseman.net>
> On Thu 2019-07-25 14:00:08 -0400, Kynn Jones via Gnupg-users wrote:
> > The GnuPG documentation refers to an "INTEROPERABILITY WITH
> > OTHER OPENPGP PROGRAMS section", but when I search for this
> > title, I find only references to it, not the actual section.
> > Does any one know where that section is?
> It appears to be in the info page, which (on my system) i can access
> with "info gpg" and then searching for "interoperability". In the
> manual page (gpg(1), accessed via "man 1 gpg") the section is titled
> just "INTEROPERABILITY" (why this difference between info and man? I
> don't know or understand!)
> I reproduce the current version out of info (from 2.2.17) below.
> INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS
> GnuPG tries to be a very flexible implementation of the OpenPGP
> standard. In particular, GnuPG implements many of the optional parts of
> the standard, such as the SHA-512 hash, and the ZLIB and BZIP2
> compression algorithms. It is important to be aware that not all
> OpenPGP programs implement these optional algorithms and that by forcing
> their use via the '--cipher-algo', '--digest-algo',
> '--cert-digest-algo', or '--compress-algo' options in GnuPG, it is
> possible to create a perfectly valid OpenPGP message, but one that
> cannot be read by the intended recipient.
> There are dozens of variations of OpenPGP programs available, and
> each supports a slightly different subset of these optional algorithms.
> For example, until recently, no (unhacked) version of PGP supported the
> BLOWFISH cipher algorithm. A message using BLOWFISH simply could not be
> read by a PGP user. By default, GnuPG uses the standard OpenPGP
> preferences system that will always do the right thing and create
> messages that are usable by all recipients, regardless of which OpenPGP
> program they use. Only override this safe default if you really know
> what you are doing.
> If you absolutely must override the safe default, or if the
> preferences on a given key are invalid for some reason, you are far
> better off using the '--pgp6', '--pgp7', or '--pgp8' options. These
> options are safe as they do not force any particular algorithms in
> violation of OpenPGP, but rather reduce the available algorithms to a
> "PGP-safe" list.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users