ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

PGP 5.x will communicate with 2.6.x

1997-11-23 18:20:55
from [Jonathan Wienke] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 06:27 PM 11/23/97 +0000, Ian Grigg wrote:


This is not the effect that is occurring with the pgp5.0, as that has
IMHO failed, because it is practically incompatible.  I'm not saying
pgp5 has failed, just that you need to consider other models.  The
result with pgp5.0 is that if you upgrade, you won't be able to talk to
all your non-upgraded contacts at all, so you won't upgrade.  (I'm not
entirely sure what is going on here, but I think what happens is that as
soon as the RSA keys get any of the extra packets added to them, it
appears that 2.6 will reject them in a variety of ways.  I've tried with
3 different people to get comms between 2.6 (and Cryptix) and pgp5.0. 
No joy yet.).


As long as only old-style RSA keys are used when encrypting a message 5.x
will talk to 2.6.x.  If you create an RSA key with a CMRK packet or other
5.x features, it is not hard to understand why 2.6.x would break.  I
created the following key with 2.6.2 and then imported it into PGP 5.5:

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP for Business Security 5.5

mQBNAzR4zmUAAAECAMYAlJypnCgZOLMnXu/RAdbhKtMGbMgFcKP9TEWN18aruWbj
7tyb1X1O5j0CRhg81Db+bVugZHpzWCtwekTC0TkABRG0FFNtYWxsIDIuNi4yIFRl
c3QgS2V5
=cQvS
- -----END PGP PUBLIC KEY BLOCK-----

Here is the preceding text encrypted with PGP 5.5:

- -----BEGIN PGP MESSAGE-----
Version: PGP for Business Security 5.5

hQBMA1grcHpEwtE5AQH/eKTF2p0v8yAP6ThbZEIIPSX+wI0tLy/0qgj5U9Wy3WZJ
LDdJUyQdK8M1l4Un7kMLtuAZeatZNp1gGVbnYX/fVqUDrNDfwpolf6hV6kpJfEpM
Qh8KVmS59+BWQ1ogNzLjZfMQFzlBzO9b4OGTQmoSF+Nb4OWjQzk7LWklCVjbR39U
fZXiPf/9F9LYQo1BTUts60VxUaLVjP4YL2Dmjbp3MR+kWBNMGaVa23dcqY6GAZ9T
OuYTa5SuqYeFdRUBmWBQrpKnc6/WRW2ZieT8UE+C+x9tg7qj9yRvybdO9mz422nX
J/1tP3IUrgtRDr1QD8D24PWh4ekCcBEcDVmBvvhl6uKvAN6Pq5Ks34dlnwfyfNhV
HVaDa/wjTY+BY3rYWp8/hcSd6ZMNZfytyAlc46m1rdH7g/yysiujXVPPK0yYczKF
nJ2VUIZnm3H0OIML0W6M4SmG+ZC6E7sXWViZ5Sf+kSTqyinsx9G8Zni687i8WrGp
np4fILEwh96poQ0C2i+lAhBwiGWY6yND3ggTE4vD2t1nPXYcuS0B4WE/edO86j6Z
dOctlCUSc6nI/cWk7nPovFnOdhQjaqykQMbXziwPwLcepW2eGz92o+iyRN+jIS1v
6f9Cvw7+PHwXP4QW7nCq0RxcBwikN6sLDHqT2fU6C/dKdVWj2WHkdoI0/34bwXvW
mNwob3a+n1AXhW1BkYp/GM3fVbzPLbsZ3MLgpxVplg0XjnasfRxswFjNI/5DhLLP
PI1jaKdU9VTXf8BYGYA6csgHbkFste/xaTbfYg/uHT305lvlyLxrSCbp/qCKjhZd
7O8gpqRN3PoVARgmbcv6lZf8y7SD5kr9vtStKb3WUihQK0VP/+k7ngP9LMZtz4Gy
dMHz1/CQGRzvB1CzjkSoQU7WQQDAo6MaKbHc+Lpd+Cjy46AlIEx9/7HjZJR9Mqd5
49vs1OgWCWb6IWJt21kOLuof6TCMZ7Lb4F9lQY30KqMzRTM4BG+kNC99UZhtJ4SJ
4JJX7VAgo9Thj3zTGdcDXj9LC8aWuXs11wcliilOXVnWsaI4UDBz5DdVS2OMni9u
vR4apl03yBCuoZr/yKXSOG7+hq1QzATuGblrUqeaiQSMa5rB0OwxtMPCyPcf54eJ
r7r/ESi4onmdmNhPj7LA3TMJNwdfMvtXuNxCu/XuhCFClUYKzvvosjHgHepJQ4vn
uLq57t5WlMcxzp9p/lXa1q+WLO8wXcRy+b2R02kYw9fTAKTa3YZKTCGiucYry2kn
/N9SyYJCCgxSz3g0ZOCjWRxwgt6sFXB/dhyIKd4FHgAWVb1/cN3LBU7CYqH8cjDv
CnnhNh4gsq2w3VcPiXA=
=YsJ8
- -----END PGP MESSAGE-----

Here is the preceding ciphertext successfully decrypted by PGP 2.6.2 (line
breaks added during encryption):

At 06:27 PM 11/23/97 +0000, Ian Grigg wrote:


This is not the effect that is occurring with the pgp5.0, as that has
IMHO failed, because it is practically incompatible.  I'm not saying
pgp5 has failed, just that you need to consider other models.  The
result with pgp5.0 is that if you upgrade, you won't be able to talk to
all your non-upgraded contacts at all, so you won't upgrade.  (I'm not
entirely sure what is going on here, but I think what happens is that as
soon as the RSA keys get any of the extra packets added to them, it
appears that 2.6 will reject them in a variety of ways.  I've tried with
3 different people to get comms between 2.6 (and Cryptix) and pgp5.0. 
No joy yet.).


As long as only old-style RSA keys are used when encrypting a message 5.x
will talk to 2.6.x.  If you create an RSA key with a CMRK packet or other
5.x features, it is not hard to understand why 2.6.x would break.  I
created the following key with 2.6.2 and then imported it into PGP 5.5:

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP for Business Security 5.5

mQBNAzR4zmUAAAECAMYAlJypnCgZOLMnXu/RAdbhKtMGbMgFcKP9TEWN18aruWbj
7tyb1X1O5j0CRhg81Db+bVugZHpzWCtwekTC0TkABRG0FFNtYWxsIDIuNi4yIFRl
c3QgS2V5
=cQvS
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: PGP for Business Security 5.5

iQA/AwUBNHjSJsJF0kXqpw3MEQJLcACaA++2vNRYjewYCIFLg22NOBkFBPUAniRE
5t1QMphVFFMlr1lSGgBUSQWz
=qLLM
-----END PGP SIGNATURE-----


Jonathan Wienke

PGP Key Fingerprints:
7484 2FB7 7588 ACD1  3A8F 778A 7407 2928
3312 6597 8258 9A9E D9FA  4878 C245 D245 EAA7 0DCC

"If ye love wealth greater than liberty, the tranquility of servitude
greater than the animating contest for freedom, go home from us in peace.
We seek not your counsel, nor your arms. Crouch down and lick the hand that
feeds you. May your chains set lightly upon you; and may posterity forget
that ye were our countrymen."
-- Samuel Adams

"Stupidity is the one arena of of human achievement where most people
fulfill their potential."
-- Jonathan Wienke

Never sign a contract that contains the phrase "first-born child."

RSA export-o-matic:
print pack"C*",split/\D+/,`echo "16iII*o\U(_at_){$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Interoperability Policy of PGP Inc Clarified, Ian Grigg
Next by Date:  Re: hand huffman encoding at PGP world HQ, Hal Finney
Previous by Thread:  Re: case for removing subpacket type 10, Ian Grigg
Next by Thread:  Re: PGP 5.x will communicate with 2.6.x, Adam Back
Indexes:  [Date] [Thread] [Top] [All Lists]