OK, I had to resort to reading the PGP 2 source to find out what was
going on here.
In essence its fairly simple, but is _definitely_ no explained by the I-D.
Firstly, v3 CFB does not use the IV in a standard way. Instead, what it
does instead is set the IV to all zeroes and then decrypt the IV and
throw away the result.
Secondly, as I think was correctly explained by someone here (but I
didn't get it, sorry), when "resynchronisation" occurs it means "set the
IV to the last 8 bytes of ciphertext".
Note that for any standard-sized key resynchronisation does _not_ occur,
so people who think they've implemented it from AC are in for a surprise
one day.
Obviously the I-D should be updated to reflect this (and clearly no-one
has ever implemented v3 keys from it).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff