Re: GPG and PGP

On Wednesday 16 March 2011, Johan Wevers wrote: > Op 15-3-2011 21:57, Ingo Klöcker schreef: > > Why migrate away? Even if GnuPG 3 stops supporting RFC1991 there > > will always be GnuPG 1 and GnuPG 2 around to decrypt ancient data > > and verify signatures made decades ago. > > If that is the case

Re: GPG and PGP

On Wednesday 16 March 2011, Mark H. Wood wrote: > On Wed, Mar 16, 2011 at 09:15:45AM +0100, Johan Wevers wrote: > > Op 15-3-2011 21:32, Ben McGinnes schreef: > > > That's probably a worthwhile discussion to have. Even if RFC1991 > > > support is maintained, there's still value in migrating encrypt

Re: GPG and PGP

Op 16-3-2011 17:38, ved...@nym.hush.com schreef: > I've had a problem running Disastry's PGP 2.6.3 multi6 on 64 bit > windows systems, because the DOS command line window didn't work > with even Disastry's 32 bit pgp.exe. That is because his executables are DOS executables and not win32 command

re: GPG and PGP

Johan Wevers johanw at vulcan.xs4all.nl wrote on Wed Mar 16 09:16:56 CET 2011 : >Current OSes pose already a problem. PGP 2 did not provide nagtive binaries for win32 so I compiled them myself I've had a problem running Disastry's PGP 2.6.3 multi6 on 64 bit windows systems, because the DOS comm

Re: GPG and PGP

On Mar 16, 2011, at 10:05 AM, Jeffrey Walton wrote: > On Wed, Mar 16, 2011 at 9:41 AM, wrote: >> David Shaw dshaw at jabberwocky.com wrote on >> Wed Mar 16 00:42:48 CET 2011 : >> >> >>> GnuPG does the MDC by default whenever all the keys can handle it >> >> What kind of key can't handle it in

Re: GPG and PGP

On Mar 16, 2011, at 9:41 AM, ved...@nym.hush.com wrote: > David Shaw dshaw at jabberwocky.com wrote on > Wed Mar 16 00:42:48 CET 2011 : > > >> GnuPG does the MDC by default whenever all the keys can handle it > > What kind of key can't handle it in gnupg? None. It's not a key type, but a fea

Re: GPG and PGP

On 3/16/2011 10:05 AM, Jeffrey Walton wrote: > 2 key or 3 key? 2TDEA only provides about 80 bits of security, and is > usually not recommend for use. The OpenPGP spec requires three-key 3DES, and GnuPG conforms to the spec. ___ Gnupg-users mailing list

Re: GPG and PGP

On Wed, Mar 16, 2011 at 9:41 AM, wrote: > David Shaw dshaw at jabberwocky.com wrote on > Wed Mar 16 00:42:48 CET 2011 : > > >>GnuPG does the MDC by default whenever all the keys can handle it > > What kind of key can't handle it in gnupg? > > I sent messages to all key types, including v3 keys, u

Re: GPG and PGP

Op 16-3-2011 13:53, Mark H. Wood schreef: >> Only if IDEA gets broken (or the pgp 2.x implementation of it turns out >> flawed) or, very unlikely, 128 bit can be brute-forced in the future. > On that day it would be well to already know what to do about it and > already have the tools in hand. I

Re: GPG and PGP

On Wed, Mar 16, 2011 at 09:15:45AM +0100, Johan Wevers wrote: > Op 15-3-2011 21:32, Ben McGinnes schreef: > > > That's probably a worthwhile discussion to have. Even if RFC1991 > > support is maintained, there's still value in migrating encrypted data > > to more robust algorithms. > > Only if I

Re: GPG and PGP

On 16/03/11 8:50 PM, Werner Koch wrote: > On Wed, 16 Mar 2011 06:33, b...@adversary.org said: > >> Okay, so that would cover 3DES too? Surely there can't be many > > No. DES and thus 3DES have a blocksize of 64 bit. The blocksize is not > related to the keysize. Ah, right, got it. Thanks.

Re: GPG and PGP

On Wed, 16 Mar 2011 06:33, b...@adversary.org said: > Okay, so that would cover 3DES too? Surely there can't be many No. DES and thus 3DES have a blocksize of 64 bit. The blocksize is not related to the keysize. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bund

Re: GPG and PGP

Op 15-3-2011 21:57, Ingo Klöcker schreef: > Why migrate away? Even if GnuPG 3 stops supporting RFC1991 there will > always be GnuPG 1 and GnuPG 2 around to decrypt ancient data and verify > signatures made decades ago. If that is the case, you could also say we still have pgp 2.x arround includ

Re: GPG and PGP

Op 15-3-2011 21:32, Ben McGinnes schreef: > That's probably a worthwhile discussion to have. Even if RFC1991 > support is maintained, there's still value in migrating encrypted data > to more robust algorithms. Only if IDEA gets broken (or the pgp 2.x implementation of it turns out flawed) or, v

Re: GPG and PGP

Op 15-3-2011 21:16, Robert J. Hansen schreef: > This may not be so much an argument for IDEA's inclusion as it might be > an argument for data migration. How do I re-sign a message with someone else's private key? And for that matter, how do I do that convenient with a mailbox with many encrypted

Re: GPG and PGP

On 16/03/11 2:50 PM, David Shaw wrote: > On Mar 15, 2011, at 11:41 PM, David Shaw wrote: >> On Mar 15, 2011, at 11:28 PM, Ben McGinnes wrote: >>> >>> Is that 256 bits only or 256 bits and larger? >> >> Strictly speaking, it's anything with a cipher blocksize that isn't >> 128 bits. In the case of

Re: GPG and PGP

On 16/03/11 2:37 PM, Robert J. Hansen wrote: > On 3/15/2011 11:28 PM, Ben McGinnes wrote: >> Is that 256 bits only or 256 bits and larger? > > Given there are no symmetric ciphers in OpenPGP that use more than a > 256-bit key, I think the answer here is "yes." :) Heh. For some reason my brain w

Re: GPG and PGP

On Mar 15, 2011, at 11:28 PM, Ben McGinnes wrote: > On 16/03/11 10:42 AM, David Shaw wrote: >> >> GnuPG does the MDC by default whenever all the keys can handle it >> (or if the chosen cipher is 256 bits) > > Is that 256 bits only or 256 bits and larger? Strictly speaking, it's anything with a

Re: GPG and PGP

On Mar 15, 2011, at 11:41 PM, David Shaw wrote: > On Mar 15, 2011, at 11:28 PM, Ben McGinnes wrote: > >> On 16/03/11 10:42 AM, David Shaw wrote: >>> >>> GnuPG does the MDC by default whenever all the keys can handle it >>> (or if the chosen cipher is 256 bits) >> >> Is that 256 bits only or 256

Re: GPG and PGP

On 3/15/2011 11:28 PM, Ben McGinnes wrote: > Is that 256 bits only or 256 bits and larger? Given there are no symmetric ciphers in OpenPGP that use more than a 256-bit key, I think the answer here is "yes." :) ___ Gnupg-users mailing list Gnupg-users@g

Re: GPG and PGP

On 16/03/11 10:42 AM, David Shaw wrote: > > GnuPG does the MDC by default whenever all the keys can handle it > (or if the chosen cipher is 256 bits) Is that 256 bits only or 256 bits and larger? Regards, Ben signature.asc Description: OpenPGP digital signature _

Re: GPG and PGP

On Mar 15, 2011, at 6:51 PM, ved...@nym.hush.com wrote: > David Shaw dshaw at jabberwocky.com wrot on > Tue Mar 15 22:28:23 CET 2011 : > >> I'm not quite sure what you mean. >> The MDC can be used on any OpenPGP cipher, no matter what the > size. > > Yes, > but it's done by gnupg by default

Re: GPG and PGP

David Shaw dshaw at jabberwocky.com wrot on Tue Mar 15 22:28:23 CET 2011 : >I'm not quite sure what you mean. >The MDC can be used on any OpenPGP cipher, no matter what the size. Yes, but it's done by gnupg by default for 256 bit ciphers, while it needs the option of '--force-mdc' for non-25

Re: GPG and PGP

On Mar 15, 2011, at 4:24 PM, ved...@nym.hush.com wrote: > David Shaw dshaw at jabberwocky.com wrote on > Tue Mar 15 15:34:47 CET 2011 : > >> would like to see IDEA included once the various patents expire > > As long as the non-256 bit symmetrical algorithms (IDEA, CAST5, > 3DES, BLOWFISH) will

Re: GPG and PGP

On Tuesday 15 March 2011, Robert J. Hansen wrote: > On 3/15/11 3:53 PM, Ben McGinnes wrote: > > It's simple, data which may have been encrypted 15+ years ago may > > still have value to the people who encrypted it, even if they have > > since chosen to move from older programs (e.g. PGP 2.x) for th

Re: GPG and PGP

On 16/03/11 7:16 AM, Robert J. Hansen wrote: > On 3/15/11 3:53 PM, Ben McGinnes wrote: >> It's simple, data which may have been encrypted 15+ years ago may >> still have value to the people who encrypted it, even if they have >> since chosen to move from older programs (e.g. PGP 2.x) for their >

Re: GPG and PGP

David Shaw dshaw at jabberwocky.com wrote on Tue Mar 15 15:34:47 CET 2011 : > would like to see IDEA included once the various patents expire As long as the non-256 bit symmetrical algorithms (IDEA, CAST5, 3DES, BLOWFISH) will remain part of open PGP, and the MDC needs revision eventually to mo

Re: GPG and PGP

On 3/15/11 3:53 PM, Ben McGinnes wrote: > It's simple, data which may have been encrypted 15+ years ago may > still have value to the people who encrypted it, even if they have > since chosen to move from older programs (e.g. PGP 2.x) for their > current needs. This may not be so much an argume

Re: GPG and PGP

On 16/03/11 2:29 AM, Aaron Toponce wrote: > On Tue, Mar 15, 2011 at 04:14:25PM +0100, Johan Wevers wrote: >> I don't know, but I do know that adding IDEA does not complicate or >> bloat GnuPG. > > You're probably right. I guess I just don't understand supporting dead, > deprecated, proprietary tec

Re: GPG and PGP

Op 15-3-2011 16:29, Aaron Toponce schreef: >> I don't know, but I do know that adding IDEA does not complicate or >> bloat GnuPG. > You're probably right. I guess I just don't understand supporting dead, > deprecated, proprietary technology, bloat or no bloat. IDEA is far from dead. I have maila

Re: GPG and PGP

On Tue, Mar 15, 2011 at 04:14:25PM +0100, Johan Wevers wrote: > I don't know, but I do know that adding IDEA does not complicate or > bloat GnuPG. You're probably right. I guess I just don't understand supporting dead, deprecated, proprietary technology, bloat or no bloat. -- . o . o . o . .

Re: GPG and PGP

Op 15-3-2011 15:55, Aaron Toponce schreef: > Using this line of logic, web developers should continue support for > IE6. I would not mind them using fallbacks when it doesn't hinder other code or bloat things. This last requirement, however, is in web development much more difficult to achieve th

Re: GPG and PGP

On Mar 15, 2011, at 10:17 AM, Johan Wevers wrote: > Op 15-3-2011 14:19, Aaron Toponce schreef: > >> 1. The U.S. patent expires for IDEA on January 7, 2012. > > I propose to include the IDEA module then in GnuPG 1.4.12 and 2.2.(then > current + 1), just like the extra version that came out when t

Re: GPG and PGP

Op 15-3-2011 14:19, Aaron Toponce schreef: > 1. The U.S. patent expires for IDEA on January 7, 2012. I propose to include the IDEA module then in GnuPG 1.4.12 and 2.2.(then current + 1), just like the extra version that came out when the RSA patent expired. > 2. IDEA has already been succeeded b

Re: GPG and PGP

> 3. Both IDEA and IDEA NXT don't meet the rigor of many of today's open >algos. Substitute "safety margin" for rigor and I'll agree with you. IDEA is a competent design by credible people and has had a whole lot of people beating on it to only limited degrees of success: it seems to me they'

Re: GPG and PGP

On Tue, Mar 15, 2011 at 10:22:45AM +0100, Werner Koch wrote: > Yes. Back in 1997 I implemented PGP 2 compatible code as the first > towards GPG. Obviously I needed IDEA and RSA for testing. That is the > reason why we have this code at all. Later a lot of people demanded > that IDEA and RSA sho

Re: GPG and PGP

On Mon, 14 Mar 2011 17:53, ved...@nym.hush.com said: > Disastry's signature is on the ideadll file in the ideadll.zip file > on his site. So you trust some binary blob? .-) > Is that your signature on the idea.c module from key ID 621CC013 ? Yes. Back in 1997 I implemented PGP 2 compatible co

Re: GPG and PGP

iOn Mon, 14 Mar 2011 11:50:29 -0400 Werner Koch wrote: >On Mon, 14 Mar 2011 15:50, ved...@nym.hush.com said: > >> (btw, Disastry is the one who wrote the IDEA.dll module, >> specifically to bridge the gap between gnupg and pgp users.) > >Hmmm, the signature claims that I wrote it. I stand corr

Re: GPG and PGP

On Mon, 14 Mar 2011 15:50, ved...@nym.hush.com said: > (btw, Disastry is the one who wrote the IDEA.dll module, > specifically to bridge the gap between gnupg and pgp users.) Hmmm, the signature claims that I wrote it. However, I still recommend not to use it. Salam-Shalom, Werner -- Di

Re: GPG and PGP

Gloria.Teo at bit.admin.ch Gloria.Teo at bit.admin.ch wrote on Mon Mar 14 11:23:26 CET 2011 : >gpg: epflpepfl": preference for cipher algorithm 1 Cipher Algorithm 1 is IDEA, and was used as a default cipher for RSA keys by 6.5.8 GnuPG does not use IDEA although it will accept the IDEA module.

Re: GPG and PGP Compatibility (vedaal)

On Wed, 18 Oct 2006 05:04:14 -0400 [EMAIL PROTECTED] wrote: >Send Gnupg-users mailing list submissions to >[7] open file.asc using winpt's file manager, forgot to mention, it can also be done using gpgee, and the signature will be verified, and the file saved vedaal Concerned about your p

Re: GPG and PGP Compatibility (Conan Purves)

>Date: Tue, 17 Oct 2006 13:09:21 -0400 >From: Conan Purves <[EMAIL PROTECTED]> >Subject: GPG and PGP Compatibility >have thus found Gnupg using the gpg4win front end, >running through the Enigmail extension on Thunderbird. > My last problem, I believe, is attachments. using gpg4win, th

Re: GPG and PGP Compatibility

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alphax wrote: > Conan Purves wrote: >> Hello everybody, > >> When I encode attachments, it gives them a .gpg suffix. My colleagues >> who are using PGP Desktop cannot decode those files. Though I can >> decode their files, either using the gpgee con

Re: GPG and PGP Compatibility

Alphax wrote: > I've filed an RFE at > . > Well, apparantly it's already doable: > You can set this with the following two preferences in about:config (or in > Thunderbird via Preferences/Advanced/Config Editor): > > extensions.enigmail.inlineA

Re: GPG and PGP Compatibility

On Tue, 17 Oct 2006 23:18, Ryan Malayter said: > file extension for encrypted files, whereas PGP Corp.'s products use > .pgp. But that can be overcome with configuration settings, either in > one of the programs, or by telling Windows what programs to associate > with which file extensions. An ea

Re: GPG and PGP Compatibility

Conan Purves wrote: > Hello everybody, > When I encode attachments, it gives them a .gpg suffix. My colleagues > who are using PGP Desktop cannot decode those files. Though I can > decode their files, either using the gpgee contextual menu or > automatically through enigmail. > > Practically sp

Re: GPG and PGP Compatibility

Hi, Conan Purves schrieb: > Hello everybody, > > I am the office manager here and trying to set up a compatible PGP for > some of the employees. I am looking for an open-source, free > non-corporate version of the software and have thus found Gnupg using > the gpg4win front end, running through

Re: GPG and PGP Compatibility

On 10/17/06, Conan Purves <[EMAIL PROTECTED]> wrote: Theoretically speaking, what is the difference between PGP and GPG? Is it just a different management tool handling the same encryption algorithm or is there some further translation between the two? Why does my Enigmail menu on Thunderbird s