ietf-openpgp

Re: pointers to openpgp-interop knowledge base?

2001-11-04 13:29:41

On Sun, 4 Nov 2001, vedaal wrote:

> messages from any pgp version can be read and verified by gpg {with the
> idea plugin}, except if a shared key/split key system is used
> [gpg can encrypt to a split key, but not sign or decrypt with a shared
> key system]
>
> messages from gpg using the throw-key id switch, cannot be read by 'any'
> version of pgp {except for Disastry's 2.6.3i multi 5}
>
> messages from gpg using mdc, cannot be read by any pgp version prior to
> 7.xx {6.5.8ckt is an exception, having a patch to ignore the mdc packets}
>
> messages from 7.xx using twofish or aes, cannot be decrypted by pgp
> versions prior to 7.xx, but signatures can be verified
> {again, 6.5.8ckt is an exception}
>
> messages using an RSA v4 key, can be decrypted, and can be verified, by
> pgp versions prior to 7.xx, but, for some reason, not, if the message is
> 'both' signed and encrypted
>
> messages signed with ripemd-160 or sha-1, can be verified by all pgp
> versions greater than 2.6.x, even if they do not use them to sign with
> for a particular key type
>
> hope this is useful,
>
> please correct if there are any mistakes or oversights,

Well, you've left out GnuPG versions. GnuPG hasn't always been able to
handle everything you mention.

GnuPG of any version produces messages signed with v3 keys encrypted in v3
format that PGP cannot decrypt.

In the implementation nits, it is noted that PGP 5.x cannot verify v4 sigs
on non-v4 material. Actually, 6.x cannot either, but 7.x and greater can.

Then there's the ElGamal signing-keys that GnuPG generates. I don't know
what else supports them.

Also, signing subkeys are probably a problem with a lot of other
implementations as well.

We have no idea what Hushmail's interop status is, since there appears to
be no way to either get access to Hushmail users' public keys in order to
verify their signatures, or import non-Hushmail users' keys into the
Hushmail system to encrypt to them.

...etc.

I could keep throwing things off the top of my head -- but shouldn't we
have some formal system for listing all of this?



--

Len Sassaman

Security Architect            |  "Now it's all change --
Technology Consultant         |   It's got to change more."
                              |
http://sion.quickie.net       |              --Joe Jackson
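
An added example, not part of the original message or of any implementation named in it: a small packet scanner that reports which of the features discussed above (hidden recipient key ID, MDC, signature version and hash, ElGamal signatures) appear in a binary OpenPGP message. It assumes the RFC 2440 packet layouts plus the tag 18 packet later standardised in RFC 4880; the function names, labels and sample bytes are constructed for illustration.

```python
HASHES = {1: "MD5", 2: "SHA-1", 3: "RIPEMD-160"}   # hash algorithm IDs

def packets(data):
    """Yield (tag, body); malformed input raises ValueError or IndexError."""
    i = 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("not a packet header")
        if hdr & 0x40:                      # new-format header
            tag, o = hdr & 0x3F, data[i + 1]
            if o < 192:
                n, i = o, i + 2
            elif o < 224:
                n, i = ((o - 192) << 8) + data[i + 2] + 192, i + 3
            elif o == 255:
                n, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body length not handled")
        else:                               # old-format header
            tag, width = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
            if width == 8:
                raise ValueError("indeterminate length not handled")
            n, i = int.from_bytes(data[i + 1:i + 1 + width], "big"), i + 1 + width
        if i + n > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + n]
        i += n

def features(data):
    """Return labels (names chosen here) for interop-relevant features."""
    found = set()
    for tag, body in packets(data):
        if tag == 1 and body[:9] == b"\x03" + bytes(8):
            found.add("hidden-recipient")   # session key packet, key ID all zero
        elif tag == 18:
            found.add("mdc")                # integrity-protected data packet
        elif tag == 2 and len(body) >= 17 and body[0] in (3, 4):
            pk, h = (body[15], body[16]) if body[0] == 3 else (body[2], body[3])
            found.add(f"v{body[0]}-signature")
            found.add("hash:" + HASHES.get(h, str(h)))
            if pk == 20:                    # ElGamal (encrypt or sign)
                found.add("elgamal-signature")
    return found

# Constructed samples (placeholder bodies, not real messages).
ENCRYPTED = (bytes([0xC1, 13]) + b"\x03" + bytes(8) + b"\x10" + bytes(3)
             + bytes([0xD2, 17]) + b"\x01" + bytes(16))
SIGNED = bytes([0x88, 19]) + b"\x03\x05\x00" + bytes(12) + b"\x14\x03" + bytes(2)
```

The symmetric cipher (Twofish, AES) cannot be reported this way, because it is carried inside the encrypted session key rather than in a cleartext header.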