rlively wrote: > I need help reconciling the two responses below. Sure. Both answers are correct; it's a matter of how David and I are interpreting your question.
>> Even though they key specifies Cipher: IDEA, are you saying that we >> should be able to encrypt to this public key just fine with the >> latest veresion of GnuPG, unless that contact is stuck using legacy >> PGP 2.x? >> >> If they use a newer version of PGP or GnuPG we should be fine? > > David Shaw wrote: > > Yes. Even though the key specifies IDEA as a cipher, modern OpenPGP > systems (GPG or PGP) will both use 3DES as an alternative if they do > not have IDEA. David is talking about using classic PGP 2.6-style ClassicPGP keys to encrypt OpenPGP traffic. This answer is correct. You can use ClassicPGP keys in an OpenPGP environment if both parties are using a newer version of GnuPG/PGP. > He is not. There are two different internet standards for PGP. The > first one, called RFC1991, dates to the early '90s. The second one, > called RFC4880, was only officially released a few months ago. The > two standards are not interchangeable, and RFC4880 brings many more > capabilities to the table. > > GnuPG is an RFC4880 application. PGP 2.6 is RFC1991. The two are > generally incompatible. I'm talking about using classic PGP 2.6-style ClassicPGP keys to encrypt ClassicPGP traffic. AFAIK, this answer is correct; GnuPG was never meant to be a conformant ClassicPGP application. (It's possible that things have changed in the GnuPG codebase since the last time I looked at this, though.) The short version is that David read your message as "can GnuPG be used to process OpenPGP traffic while using ClassicPGP keys", and I read it as "can GnuPG be used to process ClassicPGP traffic, using ClassicPGP keys". _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users