Mailing List Archive

On Fri, 11 Aug 2000, John Bacalle wrote:

> As far as I can tell from reading docs and FAQs[1] DSA (as it appears in
> GnuPG) is the same as DSS under PGP (as it appears in PGP 5/6), yes?

DSA = Digital Signature Algorithm.

DSS = Digital Signature Standard.
This is the combination of DSA, the SHA-1 hash algorithm and
some other minor things.

DH = Diffie-Hellman Keyexchange (PGP uses this for ELG-E)

ELG = ElGamal Encryption (can be used for signatures but is not
suggested).

ELG-E = Same as ELG but has another OpenPGP identifier number which
flags it as only to be used for encryption. This is what
PGP calls DH.


--
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

On Fri, Aug 11, 2000 at 06:37:14AM -0700, L. Sassaman wrote:
> On Fri, 11 Aug 2000, John Bacalle wrote:
-snip GnuPG/PGP can exchange DSA/DSS messages?-
> For some reason, the encryption subkey in PGP is called "DH". It's really
> ElGamal Encryption (ELG-E).

> The [digital signature] algorithm used in PGP is DSA, [the]
> hash is SHA-1.

(Thanks to Werner and yourself I have a better understanding of things
now. Much gratitude! I need to explicitly clarify, though.)

So, if PGP does DSA-SHA1 (but, calls it DSS - fine), and GnuPG does the
same (it's the default --gen-key option afterall), therefore both can fully
inter-operate in this pubkey format?

Ditto ELG-E/DH?

> [To GPG<->PGP] just disable that ELG support, and add the RSA and IDEA
> modules (provided it's leagal where you are).

OK.

[Recapping]

GnuPG PGP
----- ---

(DSA/DSS)SHA1 Y Y

ELG-E/DH Y Y

ELG Y N

RSA N* Y

IDEA N* Y

* It is Y(es) if the module/patch available is applied.

I am already aware that GnuPG can do RSA (although can it also generate
RSA keys after patching?), but rather I was more wondering how firm was the
inter-operation of the newer pubkey/signkey formats between the two
applications?

Thus, it appears to me at this point that if I use the default GnuPG
--gen-key option (DSA + ELG-E w/SHA1) I will be just fine communicating
with PGP 5/6 users.

John

--
John Bacalle

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 12 Aug 2000, John Bacalle wrote:

> If this exact kind of information is in a FAQ, either GnuPG or PGP
> (pgpi.org was a place I also looked for this kind of information), I
> plum missed it. In another reply I'm sending now there is a little
> diagram that should also be listed in a FAQ somewhere, or something
> like it. Assuming that my understanding is correct.

If it isn't listed somewhere, this is the type of information that would
nicely fit into the PGP Interactions page that I maintain. The purpose of
the page is to determine what versions of PGP will use RSA keys, DSS keys,
etc. (Lately the purpose has grown to include differences in features as
well.) I also have a (slightly out of date) GPG
Page. http://rmarq.pair.com/pgp

I'm willing to add the information if someone could please send it to
me. RJ <G> :)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
RJ Marquette rmarq(at)bellatlantic.net RSA:448B035F DSS:CB45C555
My PGP and Skating pages: http://rmarq.pair.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: pgpenvelope - http://www.uiuc.edu/ph/www/ftobin/resources.html

iD8DBQE5lVbe0DB5TMtFxVURAsphAKDTNoT8OZkiLQjO/csD6Jo3zRm1+wCdEMCz
rEHMK7mfmK6YYAMW6AhbiwE=
=+cjM
-----END PGP SIGNATURE-----

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org