John W. Moore III jmoore3rd at bellsouth.net wrote on Thu Jun 12 19:38:16 CEST 2008 :
>I may be mis-reading Your question. yes, suggestion only, for a workaround, >Upon re-reading I am of the opinion >that what You desire may already be covered with use of the >preferred-algo-preference string placed within gpg.conf. no, that allows the user to choose which cipher to use for encryption to begin with my suggestion is *after* Camellia is enabled in a hacked version and unable to be decrypted in the hacked version when the message was encrypted using Camellia in a later version the problem with changing the name of the cipher in a later (open- pgp approved version) is that when the session key is retrieved from the public key encrypted packet, it needs to know what cipher it is to be plugged into to decrypt for the sake of illustration, let's say that a newer version that may be calling Camellia with the identifier of 13, the older version, which thinks that Camellia is 11, and is using 13 for yet another cipher, will not be able to decrypt the message from the newer version that used the identifier 13, because it is trying to use the session key with the wrong cipher my workaround suggestion, was similar to the solution for decryption of messages done with the throw-keyid option Disastry's last version of pgp 2.3i-multi-6, had two variations of the throw-keyid option: random keyid, and fake keyid in both variations, the keyid listed as part of the pgp message, was NOT the public key that the session key was encrypted to the gnupg option used to decrypt such messages, was --try-all-secrets similarly, as a workaround suggestion, if decryption doesn't work because the correct session key has the wrong cipher identifier, it could be still be decrypted by making an option of --try-all-ciphers (easier, because the passphrase doesn't have to be re-entered for each key ;- ) ) again, NOT a feature request for the gnupg development team :-) (am quite happy to wait for the 'official' version, whenever that may be) sorry if i didn't write it clearly in my earlier post vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link -- Click here if you're tired of your job and want to increase your salary. http://tagline.hushmail.com/fc/Ioyw6h4dBjsaEn26hZilhUk9p4D3LoLePYM31pKYD9uMHRALWomYTl/ _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
