Discussion:
gpg?
(too old to reply)
Keith
2009-01-03 11:59:49 UTC
Permalink
Hi all,

Is this an appropriate place to ask about stuff relating to gpg? If
not, can someone please direct me to a more appropriate forum?

Thx.
David W. Hodgins
2009-01-03 14:23:53 UTC
Permalink
Post by Keith
Is this an appropriate place to ask about stuff relating to gpg? If
not, can someone please direct me to a more appropriate forum?
Sure. What is your question?

Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
Keith
2009-01-03 15:24:37 UTC
Permalink
Post by David W. Hodgins
Post by Keith
Is this an appropriate place to ask about stuff relating to gpg? If
not, can someone please direct me to a more appropriate forum?
Sure. What is your question?
Thanks. Actually, I think I've resolved the main problem for the time
being.

I had an encryption subkey which expired at the end of the year, so in
Windoze PGP (v8.0.2) I added a new subkey and did an export private key.
When I took that over to my Mandriva box and imported into gpg
(v1.4.9), it refused to 'see' the new subkey. In the end I told gpg to
delete the private key(!) and imported again, and voila, it seems to
work just fine now.

One remaining issue is that stuff encrypted (to self) using gpg fails to
decrypt under PGP on Windoze, telling me something about 'decompression
failed', so perhaps there are algorithm preference issues between the two?

Going the other way (from PGP to gpg) works just fine now.
John Wunderlich
2009-01-05 06:58:10 UTC
Permalink
Post by Keith
One remaining issue is that stuff encrypted (to self) using gpg
fails to decrypt under PGP on Windoze, telling me something about
'decompression failed', so perhaps there are algorithm preference
issues between the two?
Going the other way (from PGP to gpg) works just fine now.
You are correct. PGP/GPG compresses the data before it encrypts the
data. There are three supported compression algorithms supported in
RFC 4880 -- ZIP, ZLIB, and BZip2. PGP 8.x only supports the ZIP
algorithm (GPG current version supports them all). Ideally, when
generating keypairs, the PGP [or GPG] program generating the key
should include a tag in the key describing which algorithms that the
generating application supports. Unfortunately PGP 8.x generates
keys with no compression preference specified. This allows the
program doing the encryption to choose an algorithm of its choice.
In your case, GPG picks an algorithm that PGP can't handle (ie
something other than ZIP).

You should probably edit your public key, using GPG, to specify that
ZIP is the only algorithm that should be used with that key. If you
do this, then any program using this key to encrypt will use the ZIP
algorithm which PGP supports.
gpg --edit-key <key ID>
then use the showpref / setpref commands.
Afterwards, you will have to update your public key on servers or
otherwise redistribute your public key.

An alternative method would be to configure your GPG to prefer the
ZIP algorithm when encrypting. This will solve your problem when you
self-encrypt but others encrypting to you that use this key may still
have this problem.

HTH,
John
Keith
2009-01-05 14:15:58 UTC
Permalink
Post by John Wunderlich
Post by Keith
One remaining issue is that stuff encrypted (to self) using gpg
fails to decrypt under PGP on Windoze, telling me something about
'decompression failed', so perhaps there are algorithm preference
issues between the two?
You are correct. PGP/GPG compresses the data before it encrypts the
data. There are three supported compression algorithms supported in
RFC 4880 -- ZIP, ZLIB, and BZip2. PGP 8.x only supports the ZIP
algorithm (GPG current version supports them all). Ideally, when
generating keypairs, the PGP [or GPG] program generating the key
should include a tag in the key describing which algorithms that the
generating application supports. Unfortunately PGP 8.x generates
keys with no compression preference specified. This allows the
program doing the encryption to choose an algorithm of its choice.
In your case, GPG picks an algorithm that PGP can't handle (ie
something other than ZIP).
You should probably edit your public key, using GPG, to specify that
ZIP is the only algorithm that should be used with that key. If you
do this, then any program using this key to encrypt will use the ZIP
algorithm which PGP supports.
gpg --edit-key <key ID>
then use the showpref / setpref commands.
Afterwards, you will have to update your public key on servers or
otherwise redistribute your public key.
That's very clearly explained - thanks a lot.

Neil - Salem, MA USA
2009-01-03 15:07:57 UTC
Permalink
Post by Keith
Hi all,
Is this an appropriate place to ask about stuff relating to gpg? If not,
can someone please direct me to a more appropriate forum?
Thx.
There are many messages posted here that discuss GPG as well as PGP or the
OpenPGP standard (RFC 4880) in general. However, be advised that there's
not a lot of activity on this newsgroup. A new message is posted, on
average, every four days. However, readers are fairly quick to reply.

Neil - Salem, MA USA
Speechless
2009-01-03 15:11:35 UTC
Permalink
Post by Keith
Hi all,
Is this an appropriate place to ask about stuff relating to gpg? If
not, can someone please direct me to a more appropriate forum?
Thx.
But, but, what if we don't know the answers? :O

It might depend on what the questions are...
Loading...