On Thu, Aug 12, 2004 at 11:20:28PM +0200, Florian Weimer wrote:
Quoting Florian Weimer ([EMAIL PROTECTED]):
Just out of curiosity, are there now, or have there been in the
past, any _other_ implementations of the OpenPGP spec, besides
GnuPG?
GnuPG is not a complete implementation of
On Tue, Aug 10, 2004 at 02:51:19PM -0700, Rick Moen wrote:
Quoting Ian Beckwith ([EMAIL PROTECTED]):
Do you have links to documentation of these issues or where to get the
pirated versions? How pirated/illegal are they?
License permitting, I could maybe take patches from them.
Hi, Phillip Hofmeister wrote:
If you wanted to
make a second version of GPG and place it in non-free, that would likely
be an acceptable option.
You don't need to make a second version of GPG; the IDEA module can be
loaded dynamically.
--
Matthias Urlichs
--
To UNSUBSCRIBE, email to
On Thu, 12 Aug 2004 at 03:35:29AM -0400, Matthias Urlichs wrote:
Hi, Phillip Hofmeister wrote:
If you wanted to
make a second version of GPG and place it in non-free, that would likely
be an acceptable option.
You don't need to make a second version of GPG; the IDEA module can be
* Phillip Hofmeister:
You don't need to make a second version of GPG; the IDEA module can be
loaded dynamically.
Then the module would need to be in non-free.
non-us, I think.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Thu, 12 Aug 2004, Florian Weimer wrote:
You don't need to make a second version of GPG; the IDEA module can be
loaded dynamically.
Then the module would need to be in non-free.
non-us, I think.
non-free in non-us, actually. And maybe not even there, since the IDEA
patent is a problem
* Ian Beckwith:
On Sat, Aug 07, 2004 at 09:17:38PM +0200, Florian Weimer wrote:
Both PGP 5 and 6.5 have security issues which haven't been fixed
upstream (because there isn't any upstream anymore). There are some
pirated versions of 6.5.8 that incorporate fixes, but Debian certainly
* Henrique de Moraes Holschuh:
On Thu, 12 Aug 2004, Florian Weimer wrote:
You don't need to make a second version of GPG; the IDEA module can be
loaded dynamically.
Then the module would need to be in non-free.
non-us, I think.
non-free in non-us, actually.
Why non-free? The code is
On Thu, 12 Aug 2004, Florian Weimer wrote:
* Henrique de Moraes Holschuh:
On Thu, 12 Aug 2004, Florian Weimer wrote:
You don't need to make a second version of GPG; the IDEA module can be
loaded dynamically.
Then the module would need to be in non-free.
non-us, I think.
non-free
* Henrique de Moraes Holschuh:
Why non-free? The code is available under a DFSG-free copyright
license.
The one I have here isn't, but if you have one that is entirely DFSG-free,
that's much better.
An older version is available from:
Quoting Florian Weimer ([EMAIL PROTECTED]):
* Henrique de Moraes Holschuh:
Why non-free? The code is available under a DFSG-free copyright
license.
The one I have here isn't, but if you have one that is entirely DFSG-free,
that's much better.
An older version is available from:
Quoting Florian Weimer ([EMAIL PROTECTED]):
I once worked on an OpenPGP implementation vulnerability matrix, but
this topic isn't very interesting anymore. For me at least, there's
just GnuPG.
Just out of curiosity, are there now, or have there been in the past,
any _other_ implementations
* Rick Moen:
Quoting Florian Weimer ([EMAIL PROTECTED]):
I once worked on an OpenPGP implementation vulnerability matrix, but
this topic isn't very interesting anymore. For me at least, there's
just GnuPG.
Just out of curiosity, are there now, or have there been in the past,
any _other_
On Tue, 10 Aug 2004 at 05:51:19PM -0400, Rick Moen wrote:
Quoting Ian Beckwith ([EMAIL PROTECTED]):
Do you have links to documentation of these issues or where to get the
pirated versions? How pirated/illegal are they?
License permitting, I could maybe take patches from them.
On Sat, Aug 07, 2004 at 09:17:38PM +0200, Florian Weimer wrote:
Both PGP 5 and 6.5 have security issues which haven't been fixed
upstream (because there isn't any upstream anymore). There are some
pirated versions of 6.5.8 that incorporate fixes, but Debian certainly
shouldn't encourage
Quoting Ian Beckwith ([EMAIL PROTECTED]):
Do you have links to documentation of these issues or where to get the
pirated versions? How pirated/illegal are they?
License permitting, I could maybe take patches from them.
Quoting the licence for pgpi 6.5.8:
The source code contained herein
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In short, better package the IDEA module for GnuPG...
I did some work on this sometime ago, based on a previous package. The
work is here:
http://tiefighter.et.tudelft.nl/~arthur/gnupg-idea/
It is sort of an source-based installer. You get the
http://tiefighter.et.tudelft.nl/~arthur/gnupg-idea/
It is sort of an source-based installer. You get the source, when
building the package it downloads the source and creates a binary
package. The source file idea.c is however not DFSG free because the
copyrights notice forbids distribution
* Arthur de Jong:
In short, better package the IDEA module for GnuPG...
I did some work on this sometime ago, based on a previous package. The
work is here:
http://tiefighter.et.tudelft.nl/~arthur/gnupg-idea/
It is sort of an source-based installer. You get the source, when building
the
Thanks to everyone for your comments.
On Thu, Aug 05, 2004 at 06:58:58PM +0100, Dale Amon wrote:
Keep in mind people may have encrypted files and email
archived. The means of accessing archive data should
be considered to be at least as immortal as the data
itself.
Given this and Rick
* Ian Beckwith:
I shall attempt to get an updated pgp5i with FTBFS fixes into sarge,
and post-sarge I will package 6.5.8 and get the package renamed
from pgp5i to pgp.
Both PGP 5 and 6.5 have security issues which haven't been fixed
upstream (because there isn't any upstream anymore). There
On Thu, 2004-08-05 at 14:13, Rick Moen wrote:
Just attempting to fill in missing detail: PGP first used for its
symmetric cipher Zimmerman's own amateur effort Bass-o-Matic, which
was quickly dropped and replaced with the IDEA algorithm. IDEA is
patent encumbered (and will remain that way
Hello.
I am in the process of taking over maintenance of pgp5i, based on the
international unix version of PGP version 5, pgp50i-unix-src.tar.gz
The previous maintainer suspects that nobody uses the package anymore
so it can be removed from debian, as everyone has switched to gpg.
Is anyone
On Thu, Aug 05, 2004 at 06:51:22PM +0100, Ian Beckwith wrote:
If there is a demand for it, is there any reason I shouldn't upgrade
to the package to the latest pgp? (6.5.8 I believe, assuming the
international pgp restrictions no longer apply).
Keep in mind people may have encrypted files and
Quoting Dale Amon ([EMAIL PROTECTED]):
On Thu, Aug 05, 2004 at 06:51:22PM +0100, Ian Beckwith wrote:
If there is a demand for it, is there any reason I shouldn't upgrade
to the package to the latest pgp? (6.5.8 I believe, assuming the
international pgp restrictions no longer apply).
On Thu, Aug 05, 2004 at 11:40:09AM -0700, Rick Moen wrote:
Keep in mind people may have encrypted files and email
archived. The means of accessing archive data should
be considered to be at least as immortal as the data
itself.
Aren't GnuPG's decryption/verification features a superset
Quoting Dale Amon ([EMAIL PROTECTED]):
I don't know for sure either. I do seem to remember there was a
document explaining how to transition and that there was a new key
generation method. I also vaguely remember having some problem with my
own package signing keys when the switch was made
27 matches
Mail list logo