On Jan 26, 2009, at 9:02 AM, Peter Thomas wrote:

> Hi folks.
>
> I'm currently reading RFC4880 and I think I have many minor questions... is the gnupg-users list the right place to ask? Or is there any better place?

Look for the ietf-openpgp mailing list at
http://www.ietf.org/html.charters/openpgp-charter.html

> Anyway,... I think I start right now and ask my first question,.. (think it's easier to handle if I ask only one or two questions per mail-thread).
>
> Hopefully you can help me and hopefully I'm not too annoying ;-)
>
> 1) In chapter 3.7.2.1 on page 13 it says that the octet can have values "255 or 254". Is there any difference between the two?

Yes, see section 5.5.3 for the exact details, but in general 254 indicates that there is a SHA-1 hash of the secret data included. This is to prevent a secret key tampering attack.

> 2) I've dug a little bit into the bit layout of gpg created keys (with hd and pgpdump), and it seems that gpg creates packets with old packet format (bit 6 in the packet header cleared) whenever possible. What's the reason for this? I mean the RFC recommends to use the new packet format. Can I change that default behaviour? And if I have a key, that's already used and signed by others, could I convert it to using the new format?

You could convert it, but there is little point. The function of a packet is the same no matter what. It's purely a question of the *contents* of the packet. GPG uses the old format when possible for backwards compatibility reasons.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
