On Mon, 08 Oct 2007 09:27:27 -0400 Rachel Willmer
<rwillmer(_at_)gmail(_dot_)com> wrote:
On 08/10/2007, Ian G <iang(_at_)systemics(_dot_)com> wrote:
Well, like I say, the spec has to stop somewhere.
... if 2 apps supporting the same standard (and I mean OpenPGP in
its
wider sense, not just RFC2440) which support the same set of
algorithms and suitable keys, can't actually talk to each other,
then
I'm not sure what the point of the standard is.
part of the issue is that while there is an open pgp standard,
there are applications that are more liberal in what is
'acceptable',
and such differences in 'acceptance tolerance' may allow for one
application to be able to decrypt a message while the other cannot
here is one such trivial example of an encrypted message, and the
keypair
?;^)-----BEGIN PGP MESSAGE-----
comment: encrypted to aaaa1
qANQR1DBwEwDfcQnSvkBVJYBCAC7wNF8JslX1QT3OOOnzGSEfb5+kqjBknsboyVi
g6vM0nGAhv8Gyr6kbgBU4tEd9naO046t5Nrn41m5o8uIaGqCnSIsqPkazHKL3ksn
4eUvKRdvib+/rNMRzLmHjIOW+qiAOekzKcx2qMRJjcgjglZHIybHRTbvixD8rYFn
GOs0pg9dQU3xYaHy5i7GCbg6K+N2CBXtBz9QTo4pU6mj6iUyGswO2xu0fqxmfJmi
z+SjfhETu/BzEhQJH5X8JCoPMh33Q/FHMtSkTYj9NioFHE60fknPWg69afIYip+Q
8L7TTT9ZAm9yzq8L9QJUQttZ1Pu5zXwnf9PfIQ5n9ErmDwHm0kIBuaX+JW6I3JVO
qdb9J0GXfqAjOIFQqWjWUG1n2PftBy4teKKRP6BvUzeC8OyIRQRVp4HYrkHpjKMj
FDqcahUq6Rg=
=nTQP
-----END PGP MESSAGE-----
-----BEGIN PGP PRIVATE KEY BLOCK-----
comment: passphrase: aaaa1
lQO8BEOPWrMBCADVn3tcdnQh4CDJSm4wW3IseEh2TsC2NDEI+Z27zsJeZQ2vl77w
g8DIRPZ1agNqG4bLbTk7Vz83Pt0YpJVgKTGEZqxViQZJn0kXHhN5g+UnVVrxUY30
fKbk0f+iFFF1cgMMLs1k6fYdum6QaTnI4VqRvUqgfNIw3UtVpLc2jmTPUcH07Cga
nEWTSaT9XX54t5EZ2ThIUOn8yak9Xlgv8PFlsMfeMe9pMfbPJULPlczmIkazMtVC
tWLqnt8ITnp5+fNIgORVlWp34u8lHZuIuKu5MrlWHciAgvIpJ80iVMU9teQj4kgk
wq5X+X+sPxCfSHRItvjXu5XEylsTL8RWmGilAAYp/gIDCMk6j3/xQ5b1YD/zG1oX
QWj3ZEH+/Sn8zn2Suw3XvbZHae08kW9Kgd6unf9NuUj69kMNYUb1uLNCrfPh2CcT
F/7ux3M0vOZuIfS3QclTQOYxDPUJanRjdTXisQhDQdrVnEnxZR8BMjaO8j/vhjKk
cnlbkaN1/A+BynFe4jgSngm176rtn5UfY4MuNXVvmo4wyESaV0lyaypkivvqoNKV
UfvM3ZiGZowGnN8UnZPAWspa3qKE/2x40hkyiJnbilZUCytxYOj822KsJs6Qzaby
o8YBpcKE5it9WiJO6MzrqZXGWTwAbrrpV4jcM2N7hgSW8XojE6xQzSdBYHwDaFCv
3mp7wEXDTG6cC3+5YhKZD1radVzQF1Cp2L1h6lny1ipVooTDeSv5S3r793NQJoVD
rzL7p5+VdOgeoHfr00PypMyF6RRsEdnKwOQ6QN0fesAh/2DeOU7EBJyq0VOL23rO
AwV0QcsDtNPWZ5fq3NTl7/JC5Oh4m75iVod0ESQETHTB67kaoeKzmsJQ3Gp+PoFV
AN4DWKXRO2/S+efeu8CRo/0ESaLdxxv517w/d8SXVqkRSmKYjyIvXmQOSIXh1EIa
br9pztQgT+pwozDp3JoShgJec5kwy7+wsFr1tjpEsbgwUsT8my9NqA+IAe2mI8U4
pxA50LpF0DYSdu0gj7oCBsJRoH9ODQu3EdcGVjiJVjCy+hKGDq9JutsKfsqeH5VF
rquftjep34jdTOSiSvWrTrunuO4190A0b0YQjfa13nbGCczA+6vNa87QuRTzSo78
UgVBZg4pp2GhgIi+MpAEQDWxYb44f840aOP7rhYRcvQE8GJ8jt8BQiVOx92ENPP4
/t5IKGg+OiK2i5U5NToEHLNeGqwR10oKOLh40wcaAE7KvETShu6rXrVI6EYMTWO0
FmFhYWExIDxhYWFhMUBrZXkudGVzdD4=
=hWAG
-----END PGP PRIVATE KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQELBEOPWrMBCADVn3tcdnQh4CDJSm4wW3IseEh2TsC2NDEI+Z27zsJeZQ2vl77w
g8DIRPZ1agNqG4bLbTk7Vz83Pt0YpJVgKTGEZqxViQZJn0kXHhN5g+UnVVrxUY30
fKbk0f+iFFF1cgMMLs1k6fYdum6QaTnI4VqRvUqgfNIw3UtVpLc2jmTPUcH07Cga
nEWTSaT9XX54t5EZ2ThIUOn8yak9Xlgv8PFlsMfeMe9pMfbPJULPlczmIkazMtVC
tWLqnt8ITnp5+fNIgORVlWp34u8lHZuIuKu5MrlWHciAgvIpJ80iVMU9teQj4kgk
wq5X+X+sPxCfSHRItvjXu5XEylsTL8RWmGilAAYptBZhYWFhMSA8YWFhYTFAa2V5
LnRlc3Q+iQE3BBMBAgAhBQJDj1qzAhsPBwsJCAcDAgEEFQIIAwQWAgMBAh4BAheA
AAoJEH3EJ0r5AVSWVlAIAJj0djWpOS4NH0sILbgkDDnzyIyZvgFyziNo9Kd42oXO
pT9McnYGQTiqLMLU+s0Ffx8rbPN6yqhW8jHqrce78IGk5WWI0E24mhTdTVz84p4x
VSwjYjw7MnpinijKKrpTH5EvEa6JFKwKHLsmFLCSjcF1GyxHC022xim4SO1UYsvt
tn04m8+Oa3n9gLZz3e1lZijDzhs+2+O0fKB1gbAItb15s9Kg1QGe5mHRIyxi9SdY
dstAs6bUqXPU/BRbtqap2+X2CO9Dd1y3CN7xmQRcavDNg0hzuIhibEBq7reB9EmA
er/aK8pkJ+JqvD9Lp6wXq/jDQ82IOE+AZJkQDsBdFBY=
=WUlP
-----END PGP PUBLIC KEY BLOCK-----
PGP is tolerant of the question mark and smiley in front of the
armor heading, and decrypts it
GnuPG considers it an improper armor heading and stops attempts at
further decryption
(to be fair,
PGP does not generate the encrypted message with the altered armor
heading,
but in the past, has generated long statements in the version line,
which did cause 'improper heading' error messages when wrapped to a
separate line)
so,
a possible way of dealing with this,
might be to have applications have a 'default mode'
where whatever is generated is 'within the letter of the law' of
the standard,
and an 'expert mode'
to allow for special features that might be convenient to a user or
co-application,
with the understanding that other applications might not be able to
process messages done in that mode
(btw,
have lots of examples of similar 'oddities' in case anyone is
interested)
vedaal
--
Get free information on the latest in steel buildings.
http://tagline.hushmail.com/fc/Ioyw6h4esioukoaYn9U0yF5my5fHeIP5xZVLPyptLjzPrFUeO9s2fB/