Hi Markus,
* Markus Nißl <[EMAIL PROTECTED]> [27. Aug. 2002]:
> On Sun, Aug 25, 2002 at 06:21:52PM +0200, Gregor Zattler wrote:
> > > Well, do I have to use that gpg-2comp in order to use gpg
> > > with mutt?
> >
> > You need this wrapper script if and only if you want to
> > communicate signed+encrypted with a person who uses pgp2.6.x
>
> So, in order to be able to communicate with anybody who uses any
> version of pgp or gnupg, I have to use that script.
No.
pgp version 2 (=pgp2) uses RSA keys in key format version 3.
pgp2 is neither able to use other public key cryptography algorithms
nor to use newer key formats.
gpg is able to handle old (=pgp2) RSA format 3 keys
-- to a certain degree:
it is able to encrypt a message to such a key
it is able to decrypt a message for such a key
it is able to sign a message to such a key
it is able to to verify a signature of a message for such a key
it is able to decrypt and then verify the signature of an
signed+encrypted message
but it is *not* able to sign+encrypt a message to such a key in a
way which pgp2 can operate succesfully on.
This is where gpg-2comp comes in. You use it solely to
sign a message with your old-style key and encrypt this signed
message to an old-style key for a pgp2 user.
In other cases you do not need gpg-2comp.
> > Note that you can not communicate with this setup with a user
> > who does not use RSA v3 keys...
and if you do not use one.
My advise: Take this gpg.rc *without* the gpg-2comp lines and use
it happily until you run into problems. Perhaps you don't
because you do not communicate with persons who use old keys.
Ciao, Gregor
--
"The future is here. It's just not widely distributed yet."
-- William Gibson
