| christophe barbé on Sat, 19 Jan 2002 18:00:18 +0100 |
|
It's not clear to me if you use PGP or GPG but I use GPG and your signature is correctly verified. Christophe On Sat, Jan 19, 2002 at 11:35:57AM -0500, gabriel rosenkoetter wrote: > This, perhaps, explains some of our confusion over whether or not a > given message had a good or bad signature. > > (Well, maybe, maybe not, since my messages are signed clear-text. At > the least, the suggestion seems to be that NAI isn't too interested > in actually sticking to OpenPGP... but considering it's not even a > draft standard, one can't especially blame them.) > > Are my messages still coming through with bad signatures for anyone > here? (They always verify just fine coming back to me, but one would > hope that to be the case, as my machine is rather authoritative > about my key.) > > -- > gabriel rosenkoetter > gr@eclipsed.net > > ----- Forwarded message from Werner Koch <wk@gnupg.org> ----- > > From: Werner Koch <wk@gnupg.org> > Subject: Re: PGP & GPG compatibility > Date: Tue, 15 Jan 2002 13:19:35 +0100 > To: cryptography@wasabisystems.com > Delivered-To: gr@eclipsed.net > Delivered-To: cryptography-outgoing@wasabisystems.com > Delivered-To: cryptography@wasabisystems.com > Organisation: g10 Code GmbH > X-PGP-KeyID: 621CC013 > X-Request-PGP: finger://wk@g10code.com > Mail-Followup-To: cryptography@wasabisystems.com > In-Reply-To: <D0E88486-1F61-11B2-B496-000393471DA8@pobox.com> (Nicholas > Brawn's message of "Sat, 3 Jan 1970 09:41:26 +1000") > User-Agent: Gnus/5.090004 (Oort Gnus v0.04) Emacs/20.7 > (i386-debian-linux-gnu) > Precedence: bulk > > On Sat, 3 Jan 1970 09:41:26 +1000, Nicholas Brawn said: > > > What's the state of the game with PGP and GPG compatibility? > > According to the bug reports I receive for GnuPG, it seems that even > the latest versions of PGP (7.0.3?) are still not OpenPGP compatible. > At least they still don't understand version 4 signatures on data > packets (only on keys). I had in mind that this was fixed some time > ago, but obviously this isn't the case. > > There is a problem wrt text mode signatures: no agreement was found on > what a line ending consists of. PGP translates a CR inside a line > (well, what most non Apple programmers consider a line ending) into a > CR,LF sequence for hashing. The proper solution is not to use > textmode signatures except for cleartext signed messages. > > About two years ago we agreed on a way to implement MDC and defined > new packet types for it. I did some tests with Hal Finney and it used > to work. The OpenPGP draft was later changed to introduce key flags > and use one to enable MDC mode. However, GnuPG uses MDC mode with all > ciphers of a block length other than 64 bits (i.e. Twofish and AES*). > The draft has still not been released as a new RFC so this may change > again :-(. > > The flaw in the secret key protection mechanism was discussed for a > short time but it seems that nobody is willing to continue with this. > I made several suggestion on how to do it. > > Interoperability tests should have happened last summer but for > unknown reasons they didn't. It is very sad to see that after 3 years > we have not achieved to get OpenPGP into draft status :-(. > > > Werner > > -- > Werner Koch Omnis enim res, quae dando non deficit, dum habetur > g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. > Privacy Solutions -- Augustinus > > > > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com > > ----- End forwarded message ----- -- Christophe Barbé <christophe.barbe@ufies.org> GnuPG FingerPrint: E0F6 FADF 2A5C F072 6AF8 F67A 8F45 2F1E D72C B41E Dogs believe they are human. Cats believe they are God. Attachment:
pgppvTvzAOa0r.pgp
|
|