>Date: Wed, 17 Sep 2008 06:42:10 -0700 (PDT) >From: rlively <[EMAIL PROTECTED]> >Subject: Re: Export secret key from WinXP (GnuPG) 1.4.7 to AIX PGP > Version 6.5.8 gives Bad Pass Phrase
>I need help reconciling the two responses below. I am still going >to get a >test file encrypted/decrypted using GPG 1.4.7 with the owner of >said key >just to see how it goes, but that might take a while, and I need >to improve my general understanding of this entire process >and all of the software involved anyway. >David Shaw wrote: >> Yes. Even though the key specifies IDEA as a cipher, modern >OpenPGP systems (GPG or PGP) will both use 3DES as an alternative if >they do not have IDEA. >> >> > If they use a newer version of PGP or GnuPG we should be >fine? >> >> Yes. >Robert J. Hansen-3 wrote: >> >> >This is a PGP 2.6 key, unfortunately. >> >> > If they use a newer version of PGP or GnuPG we should be >fine? >> >> He is not. both posts are technically correct but, practically, the problem is that NO newer version of PGP, will use anything besides IDEA to encrypt to a pgp 2.6 key, so, while you can use gnupg to encrypt to that key, using ANY cipher, and PGP can decrypt it (as long as the version of PGP used has that cipher i.e., PGP 6x doesn't have AES, so it can't decrypt an AES message, but PGP 9.x does and can) you will still not be able to use gnupg to decrypt any message done in ANY version of PGP that encrypts to a pgp 2.x key, unless you have IDEA installed in your gnupg to make life simple for you, if you aren't a stickler for the IDEA patent issues, and if you don't get any grief from the legal team at your work, just put IDEA into your gnupg; [1] get the IDEA module: ftp://ftp.gnupg.dk/pub/contrib-dk/ideadll.zip [2] unzip this to your gnupg folder (c:\gnupg) [3] put this line into your gpg.conf file: load-extension c:\gnupg\IDEA.dll now you can decrypt whatever the client sends to you alternatively, as the client uses pgp 6.5.8 just ask the client to generate a new DH/DSA key (REAL 'diehard' pgp 2.x users, don't use anything besides 2.x ;-) so if the client already has 6.5.8 he may be more amenable to making a new key, and then all you have to do, is use the option of --pgp6 and gnupg will automatically make sure that everything you send can be decrypted and verified by 6.5.8) vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link -- Enhance your home's curb appeal with name brand shutters. Click now. http://tagline.hushmail.com/fc/Ioyw6h4dZriiv64dIK5kLv7cT4enlUOJKv0jhymfS6YyOIseeni83N/ _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users