David Shaw wrote: > > We're both right with regards to the facts of PGP 2.x. With all due > respect to Robert, I'm right with regards to whether it'll work. > > You have a modern OpenPGP program. Your correspondent has, or can be made > to have, a modern > OpenPGP program. Your correspondent's key is a V3 key (the so-called > "PGP 2.x" key). > > OpenPGP does just fine with V3 keys. The spec says: > > Since you are the one doing the encrypting, and you are running GPG, and > your GPG does not have IDEA, you will encrypt using 3DES. Your > correspondent, receiving this message will be able to decrypt it as > 3DES is required by all OpenPGP programs. >
I did a test with the contact, and I received this response: contact with legacy v3 key wrote: > Won't be a problem... we use McAfee e-Business Server v7.5 on our OS/390 > mainframe as well as McAfee e-Business v8.x on Windows as well as GnuPG > (gpg) with IDEA support DLL. I was able to decrypt your message > (encrypted with our legacy IDEA key). So it seems to work, but I do have this concern: is it possible that since they tested it on Windows with GnuPG and not on their e-Business server on the mainframe and that the real file will fail when their mainframe attempts to decrypt it? I sent this reply to get that extra test done: rlively wrote: > Is it possible to transfer the file to your mainframe to see if e-Business > server can decrypt it as well? We do not have the IDEA support DLL, which > means that the message was encrypted using 3DES instead of IDEA, but > modern GnuPG and PGP installations are still perfectly capable of > decrypting that. I do have concerns about the e-Business server > installation on the mainframe, though. Is that correct? When I view the encrypted file, it shows this: public key encrypted packet: version 3, algo RSA, keyid <blahblah> encrypted data packet: mdc method 0, length 82. What is mdc method 0? My concern is partially due to this entry on http://en.wikipedia.org/wiki/Pretty_Good_Privacy#Network_Associates_acquisition Wikipedia , which seems to imply that the development for e-Business server stopped in 2001, which means that it may fall under the heading of "legacy PGP program" that is not OpenPGP conformant and therefore can't decrypt the OpenPGP traffic: wikipedia wrote: > In early 2001, Zimmermann left NAI. He served as Chief Cryptographer for > Hush Communications, who provide an OpenPGP-based e-mail service, > Hushmail. He has also worked with Veridis and other companies. In October, > 2001, NAI announced that its PGP assets were for sale and that it was > suspending further development of PGP encryption. The only remaining asset > kept was the PGP E-Business Server (the original PGP Commandline version). > In February 2002, NAI cancelled all support for PGP products, with the > exception of the re-named commandline product. NAI (now McAfee) continues > to sell and support the product under the name McAfee E-Business Server. -- View this message in context: http://www.nabble.com/Export-secret-key-from-WinXP-%28GnuPG%29-1.4.7-to-AIX-PGP-Version-6.5.8-gives-Bad-Pass-Phrase-tp19512637p19558520.html Sent from the GnuPG - User mailing list archive at Nabble.com. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
