| gabriel rosenkoetter on Sat, 19 Jan 2002 17:40:17 +0100 |
|
This, perhaps, explains some of our confusion over whether or not a given message had a good or bad signature. (Well, maybe, maybe not, since my messages are signed clear-text. At the least, the suggestion seems to be that NAI isn't too interested in actually sticking to OpenPGP... but considering it's not even a draft standard, one can't especially blame them.) Are my messages still coming through with bad signatures for anyone here? (They always verify just fine coming back to me, but one would hope that to be the case, as my machine is rather authoritative about my key.) -- gabriel rosenkoetter gr@eclipsed.net ----- Forwarded message from Werner Koch <wk@gnupg.org> ----- From: Werner Koch <wk@gnupg.org> Subject: Re: PGP & GPG compatibility Date: Tue, 15 Jan 2002 13:19:35 +0100 To: cryptography@wasabisystems.com Delivered-To: gr@eclipsed.net Delivered-To: cryptography-outgoing@wasabisystems.com Delivered-To: cryptography@wasabisystems.com Organisation: g10 Code GmbH X-PGP-KeyID: 621CC013 X-Request-PGP: finger://wk@g10code.com Mail-Followup-To: cryptography@wasabisystems.com In-Reply-To: <D0E88486-1F61-11B2-B496-000393471DA8@pobox.com> (Nicholas Brawn's message of "Sat, 3 Jan 1970 09:41:26 +1000") User-Agent: Gnus/5.090004 (Oort Gnus v0.04) Emacs/20.7 (i386-debian-linux-gnu) Precedence: bulk On Sat, 3 Jan 1970 09:41:26 +1000, Nicholas Brawn said: > What's the state of the game with PGP and GPG compatibility? According to the bug reports I receive for GnuPG, it seems that even the latest versions of PGP (7.0.3?) are still not OpenPGP compatible. At least they still don't understand version 4 signatures on data packets (only on keys). I had in mind that this was fixed some time ago, but obviously this isn't the case. There is a problem wrt text mode signatures: no agreement was found on what a line ending consists of. PGP translates a CR inside a line (well, what most non Apple programmers consider a line ending) into a CR,LF sequence for hashing. The proper solution is not to use textmode signatures except for cleartext signed messages. About two years ago we agreed on a way to implement MDC and defined new packet types for it. I did some tests with Hal Finney and it used to work. The OpenPGP draft was later changed to introduce key flags and use one to enable MDC mode. However, GnuPG uses MDC mode with all ciphers of a block length other than 64 bits (i.e. Twofish and AES*). The draft has still not been released as a new RFC so this may change again :-(. The flaw in the secret key protection mechanism was discussed for a short time but it seems that nobody is willing to continue with this. I made several suggestion on how to do it. Interoperability tests should have happened last summer but for unknown reasons they didn't. It is very sad to see that after 3 years we have not achieved to get OpenPGP into draft status :-(. Werner -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com ----- End forwarded message ----- Attachment:
pgpnCjzLUrjWZ.pgp
|
|