Mailing List Archive

At 9:21 PM 2/15/99, Rich Wales wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>I recently started using GnuPG. I hope, eventually, to write either
>(1) a front end that will autosense which decryption program (GnuPG,
>PGP 5.x, or PGP 2.6.x) to use for a given message, or else (2) an RSA
>extension for GnuPG using RSAREF (I currently live in the US), so that
>I can use RSA keys in GnuPG when necessary.

Other than the RSA/IDEA issue, all three are supposed to be compatible, no?...

I guess being able to kick in one or the other when you have RSA/IDEA if
you have a legal copy of PGP that does RSA would be good though.

-- "TANSTAAFL" Rich lynch@cognitivearts.com webmaster@ and www. all of:
R&B/jazz/blues/rock - jademaze.com music industry org - chatmusic.com
acoustic/funk/world-beat - astrakelly.com sculptures - olivierledoux.com
my own nascent company - l-i-e.com cool coffeehouse - uncommonground.com

Rich Wales <richw@webcom.com> writes:

> PGP 5.x, or PGP 2.6.x) to use for a given message, or else (2) an RSA
> extension for GnuPG using RSAREF (I currently live in the US), so that

But have a look at the GPL and grep for "patent".

> gpg: NOTE: cipher algorithm 1 not found in preferences
>
> Is there anything I can do to get rid of this diagnostic?

OpenPGP requires such a warning.

> Second, when I do "gpg --edit-key" on one of my RSA keys, and then give
> the "pref" (list preferences) command, no preference info is shown. Is
> there anything I can (or should bother to) do about this?

Currently there is no menu to edit the preferences and I'm not sure
whether such a menu makes sense at all (at least for the cryptographic
algorithms).

> Third, for what it may be worth, the list of "supported algorithms" I
> get with "gpg -h" does not include RSA or IDEA. Is this simply normal,
> given that the RSA and IDEA code is being loaded from extensions rather
> than being built in?

Kind of bug in --help - try "gpg --version"


Werner






--
ceterum censeo RSA esse delendam

On Feb 16, 9:19am, Werner Koch wrote:
> Rich Wales <richw@webcom.com> writes:
>
> > PGP 5.x, or PGP 2.6.x) to use for a given message, or else (2) an RSA
> > extension for GnuPG using RSAREF (I currently live in the US), so that
>
> But have a look at the GPL and grep for "patent".

The GPL prohibits distribution of non-free patented software, but not
*hooks* to it. U.S. people can obtain the patented RSAREF implementation
themselves if GnuPG came with the hooks, like SSH does.

- Dave Dykstra

Earlier, I wrote:

RW > or else (2) an RSA extension for GnuPG using RSAREF

Werner Koch replied:

WK > But have a look at the GPL and grep for "patent".

Would it be a violation of the GPL to have an RSA extension which con-
tained _only_ the required interface to the RSAREF library, so that the
user would have to obtain the RSAREF code separately (and agree to its
odious patent restrictions) in order to use it?

I'm definitely _not_ proposing to integrate RSAREF into GnuPG itself.
Apologies if I gave anyone that idea in my earlier message.

RW > gpg: NOTE: cipher algorithm 1 not found in preferences
RW > Is there anything I can do to get rid of this diagnostic?

WK > OpenPGP requires such a warning.

But section 12.4 of RFC 2440 (third paragraph) says RSA may be supported
for backward compatibility, and that this constitutes an exception to
the other "MUST" rules.

This would seem (to me) to override the "MUST" rule requiring the above
warning about IDEA not being an explicit preference on an old RSA key.

RW > when I do "gpg --edit-key" on one of my RSA keys,
RW > and then give the "pref" (list preferences) command,
RW > no preference info is shown.

WK > Currently there is no menu to edit the preferences
WK > and I'm not sure whether such a menu makes sense at
WK > all (at least for the cryptographic algorithms).

For the "backward compatibility" support of old RSA keys, I agree -- as
long as it is also agreed that section 12.4 of the RFC relieves us of
the mandate to issue warnings when such keys are used for decryption.

As far as newer keys are concerned, though, it seems to me that GnuPG
really should provide a way to specify non-standard preferences. Note
the last paragraph of section 5.2.3.1 of the RFC: "Implementations
SHOULD implement 'preferences'."

RW > the list of "supported algorithms" I get with "gpg -h"
RW > does not include RSA or IDEA. Is this simply normal,
RW > given that the RSA and IDEA code is being loaded from
RW > extensions rather than being built in?

WK > Kind of bug in --help - try "gpg --version"

OK. Is it feasible to fix this bug?

Rich Wales richw@webcom.com http://www.webcom.com/richw/

Hi,

Dave Dykstra:
> The GPL prohibits distribution of non-free patented software, but not
> *hooks* to it. U.S. people can obtain the patented RSAREF implementation
> themselves if GnuPG came with the hooks, like SSH does.
>
GnuPG comes with the hooks for a generic implementation.

Hacking the existing RSA code to call RSAREF instead of computing the stuff
for itself is left as an exercise to the reader -- since I'm outside the US
and couldn't care less anyway, _I_ am not going to do it. ;-)

--
Matthias Urlichs | noris network GmbH | smurf@noris.de | ICQ: 20193661

Rich Wales <richw@webcom.com> writes:

> Would it be a violation of the GPL to have an RSA extension which con-
> tained _only_ the required interface to the RSAREF library, so that the
> user would have to obtain the RSAREF code separately (and agree to its
> odious patent restrictions) in order to use it?

A module is part of the same process and therefor subject to the GPL
(it is linked). The GIMP uses another approach where every extension
is an own process and communicate with the main program by shared
memory. So it is possible to write a GPLed module which forks and
execs the non-GPLed module .... (but see my sig)

> RW > gpg: NOTE: cipher algorithm 1 not found in preferences
> RW > Is there anything I can do to get rid of this diagnostic?
>
> WK > OpenPGP requires such a warning.
>
> But section 12.4 of RFC 2440 (third paragraph) says RSA may be supported
> for backward compatibility, and that this constitutes an exception to

But cipher algorithm 1 is IDEA which is in another set of preferences.

> As far as newer keys are concerned, though, it seems to me that GnuPG
> really should provide a way to specify non-standard preferences. Note

Sure. But at some point we have to stop adding features until a real
release.


Werner


--
ceterum censeo RSA esse delendam

Rich Wales <richw@webcom.com> writes:

> Would it be a violation of the GPL to have an RSA extension which con-
> tained _only_ the required interface to the RSAREF library, so that the
> user would have to obtain the RSAREF code separately (and agree to its
> odious patent restrictions) in order to use it?

A module is part of the same process and therefor subject to the GPL
(it is linked). The GIMP uses another approach where every extension
is an own process and communicate with the main program by shared
memory. So it is possible to write a GPLed module which forks and
execs the non-GPLed module .... (but see my sig)

> RW > gpg: NOTE: cipher algorithm 1 not found in preferences
> RW > Is there anything I can do to get rid of this diagnostic?
>
> WK > OpenPGP requires such a warning.
>
> But section 12.4 of RFC 2440 (third paragraph) says RSA may be supported
> for backward compatibility, and that this constitutes an exception to

But cipher algorithm 1 is IDEA which is in another set of preferences.

> As far as newer keys are concerned, though, it seems to me that GnuPG
> really should provide a way to specify non-standard preferences. Note

Sure. But at some point we have to stop adding features until a real
release.


Werner


--
ceterum censeo RSA esse delendam