head	1.10;
access;
symbols
	DEVEL-BRANCH-1-1:1.10
	V1-0-0:1.9
	V0-9-11:1.9
	V0-9-10:1.8
	V0-9-9:1.8
	V0-9-8:1.8
	V0-9-7:1.8
	V0-9-6:1.8
	V0-9-5:1.7
	V0-9-4:1.7
	V0-9-3:1.7
	V0-9-2:1.7
	V0-9-1:1.6
	V0-9-0:1.6
	V0-4-5:1.5
	V0-4-4:1.5
	V0-4-3:1.3
	V0-4-2:1.3
	V0-4-1:1.2;
locks; strict;
comment	@# @;


1.10
date	99.09.13.08.56.43;	author wkoch;	state Exp;
branches;
next	1.9;

1.9
date	99.08.31.15.30.06;	author wkoch;	state Exp;
branches;
next	1.8;

1.8
date	99.04.06.18.04.51;	author wkoch;	state Exp;
branches;
next	1.7;

1.7
date	99.01.12.10.20.16;	author koch;	state Exp;
branches;
next	1.6;

1.6
date	98.12.14.20.22.35;	author koch;	state Exp;
branches;
next	1.5;

1.5
date	98.11.20.17.42.04;	author koch;	state Exp;
branches;
next	1.4;

1.4
date	98.11.13.19.41.34;	author koch;	state Exp;
branches;
next	1.3;

1.3
date	98.10.18.15.21.12;	author koch;	state Exp;
branches;
next	1.2;

1.2
date	98.10.01.07.22.49;	author wk;	state Exp;
branches;
next	1.1;

1.1
date	98.09.29.16.15.13;	author wk;	state Exp;
branches;
next	;


desc
@@


1.10
log
@See ChangeLog: Mon Sep 13 10:55:14 CEST 1999  Werner Koch
@
text
@		    GnuPG and OpenPGP
		    =================

   See RFC2440 for a description of OpenPGP.  We have an annotated version
   of this RFC online:	http://www.gnupg.org/rfc2440.html



  Compatibility Notes
  ===================
   GnuPG (>0.4.5) is in compliance with RFC2440 despite these exceptions:

    * (9.1) states that RSA SHOULD be implemented.  This is not done
      (except with an extension, usable outside the U.S.) due to
      patent problems.

    * (9.2) states that IDEA SHOULD be implemented.  This is not done
      due to patent problems.


   All MAY features are implemented with this exception:

    * multi-part armored messages are not supported.
      MIME should be used instead.

   Most of the OPTIONAL stuff is implemented.

   There are a couple of options which can be used to override some
   RFC requirements.  This is always mentioned in the description
   of the option concerned.

   A special format of partial packet length exists for v3 packets
   which can be considered to be in compliance with RFC1991;  this
   format is only created if a special option is active.


  Some Notes on OpenPGP / PGP Compatibility:
  ==========================================

     * PGP 5.x does not accept V4 signatures for anything other than
       key material.  The GnuPG option --force-v3-sigs mimics this
       behavior.

     * PGP 5.x does not recognize the "five-octet" lengths in
       new-format headers or in signature subpacket lengths.

     * PGP 5.0 rejects an encrypted session key if the key length
       differs from the S2K symmetric algorithm. This is a bug in its
       validation function.

     * PGP 5.0 does not handle multiple one-pass signature headers and
       trailers. Signing one will compress the one-pass signed literal
       and prefix a V3 signature instead of doing a nested one-pass
       signature.

     * When exporting a private key, PGP 2.x generates the header
       "BEGIN PGP SECRET KEY BLOCK" instead of "BEGIN PGP PRIVATE KEY
       BLOCK". All previous versions ignore the implied data type, and
       look directly at the packet data type.

     * In a clear-signed signature, PGP 5.0 will figure out the correct
       hash algorithm if there is no "Hash:" header, but it will reject
       a mismatch between the header and the actual algorithm used. The
       "standard" (i.e. Zimmermann/Finney/et al.) version of PGP 2.x
       rejects the "Hash:" header and assumes MD5. There are a number
       of enhanced variants of PGP 2.6.x that have been modified for
       SHA-1 signatures.

     * PGP 5.0 can read an RSA key in V4 format, but can only recognize
       it with a V3 keyid, and can properly use only a V3 format RSA
       key.

     * Neither PGP 5.x nor PGP 6.0 recognizes ElGamal Encrypt and Sign
       keys. They only handle ElGamal Encrypt-only keys.
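
   The length forms behind the "five-octet" note above, as an added
   example (not GnuPG code and not part of the original notes): a C
   parser for new-format packet headers following RFC2440 section 4.2
   that reports which length encoding a packet uses, so a five-octet
   header can be spotted when PGP 5.x interoperability matters.  The
   function and type names are hypothetical, the sample headers are
   constructed, and signature subpacket lengths are not covered.

```c
#include <stdint.h>
#include <stdio.h>

/* Length encodings of a new-format packet header (RFC2440, section 4.2). */
enum len_form { LEN_BAD = -1, LEN_PARTIAL = 0, LEN_ONE = 1, LEN_TWO = 2, LEN_FIVE = 5 };
struct pkt_hdr {
    int tag;             /* packet type: bits 5-0 of the first octet */
    enum len_form form;  /* which length encoding the writer chose */
    uint32_t length;     /* body length, or size of the first partial chunk */
    size_t hdr_len;      /* octets used by the tag and the length field */
};

/* Parse buf[0..n).  Returns 0, or -1 on truncated input or a non-new-format tag. */
int parse_new_format_header(const uint8_t *buf, size_t n, struct pkt_hdr *h)
{
    h->form = LEN_BAD;
    if (n < 2 || (buf[0] & 0xC0) != 0xC0)  /* bit 7 always set, bit 6 = new format */
        return -1;
    h->tag = buf[0] & 0x3F;
    if (buf[1] < 192) {                    /* one octet: 0..191 */
        h->form = LEN_ONE; h->hdr_len = 2; h->length = buf[1];
    } else if (buf[1] < 224) {             /* two octets: 192..8383 */
        if (n < 3) return -1;
        h->form = LEN_TWO; h->hdr_len = 3;
        h->length = ((uint32_t)(buf[1] - 192) << 8) + buf[2] + 192;
    } else if (buf[1] < 255) {             /* partial body: power-of-two chunk */
        h->form = LEN_PARTIAL; h->hdr_len = 2;
        h->length = (uint32_t)1 << (buf[1] & 0x1F);
    } else {                               /* 0xFF, then four octets big-endian */
        if (n < 6) return -1;
        h->form = LEN_FIVE; h->hdr_len = 6;
        h->length = ((uint32_t)buf[2] << 24) | ((uint32_t)buf[3] << 16)
                  | ((uint32_t)buf[4] << 8) | buf[5];
    }
    return 0;
}

/* True for the one form the note above says PGP 5.x does not recognize. */
int uses_five_octet_length(const struct pkt_hdr *h) { return h->form == LEN_FIVE; }

int main(void)
{
    /* Constructed headers, tag 11: the same body length 100 in two encodings. */
    const uint8_t one[] = { 0xCB, 0x64 }, five[] = { 0xCB, 0xFF, 0, 0, 0, 0x64 };
    struct pkt_hdr a, b;
    if (parse_new_format_header(one, sizeof one, &a) || parse_new_format_header(five, sizeof five, &b))
        return 1;
    printf("one-octet: len %u five=%d; five-octet: len %u five=%d\n", (unsigned)a.length,
           uses_five_octet_length(&a), (unsigned)b.length, uses_five_octet_length(&b));
    return 0;
}
```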


  Parts of this document are taken from:
  ======================================

			 OpenPGP Message Format
		   draft-ietf-openpgp-formats-07.txt


   Copyright 1998 by The Internet Society. All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.


@


1.9
log
@See ChangeLog: Tue Aug 31 17:20:44 CEST 1999  Werner Koch
@
text
@d4 1
a4 1
   See RFC2440 for a description of OpenPGP.  I have an annotated version
@


1.8
log
@See ChangeLog: Tue Apr  6 19:58:12 CEST 1999  Werner Koch
@
text
@d42 1
a42 1
       behaviour.
@


1.7
log
@See ChangeLog: Tue Jan 12 11:17:18 CET 1999  Werner Koch
@
text
@d5 1
a5 1
   of this RFC online:	http://www.d.shuttle.de/isil/gnupg/rfc2440.html
a12 9
    ===> Please can someone check this <=========

    * (5.2) GnuPG generates V4 signatures for all V4 keys.  The option
      --force-v3-sigs allows to override.

    * (5.3) GnuPG has an option to use simple S2K for "Symmetric-Key
      Encrypted Session-Key Packets"; however a warning message is
      issued if this option is active.

a19 7
    * (12.1) states that an implementation MUST NOT use a symmetric
      algorithm which is not in the preference list.  GnuPG has an
      option to override this.

    * A special format of partial packet length exists for v3 packets
      which can be considered to be in compliance with RFC1991;  this
      format is only created if a special option is active.
d28 7
a34 1

d41 2
a42 1
       key material.
@


1.6
log
@See ChangeLog: Mon Dec 14 21:18:49 CET 1998  Werner Koch
@
text
@d29 1
a29 1
    * (12.1) states that an implementaion MUST NOT use a symmetric
d82 2
a83 2
     * Neither PGP 5.x nor PGP 6.0 recognize Elgamal Encrypt and Sign
       keys. They only handle Elgamal Encrypt-only keys.
@


1.5
log
@Expiration time works (I hope so)
@
text
@d11 1
a11 1
   GnuPG (>=0.4.1) is in compliance with RFC2440 despite these exeptions:
a14 4
    * (5.1) The critical bit in signature subpackets is currently
      ignored.	This will be fixed soon.


a20 7

    * (5.5.2) states that an implementaion MUST NOT create a v3 key
      with an algorithm other than RSA.  GnuPG has an option to
      create an ElGamal key in a v3 packet; the properties of such
      a key are as good as a v4 key.  RFC1991 does not specifiy how
      to create fingerprints for algorithms other than RSA and so it
      is okay to choose a special format for ElGamal.
@


1.4
log
@See ChangeLog ;-).  Key validation should now be faster
@
text
@d4 2
a5 1
   See RFC2440 for a description of OpenPGP.
@


1.3
log
@Snapshot release 0.4.2
@
text
@d4 1
a4 1
   The current OpenPGP draft expires 1999-02.
a5 15
   OpenPGP is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   To view the entire list of current Internet-Drafts, please check the
   "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
   Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
   Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
   Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).
d10 3
a12 1
   GnuPG (>=0.4.1) is in compliance with OpenPGP despite these exeptions:
@


1.2
log
@*** empty log message ***
@
text
@d1 1
a1 1
		    GNUPG and OpenPGP
d25 1
a25 1
   GNUPG (>=0.4.1) is in compliance with OpenPGP despite these exeptions:
d30 5
a34 1
    * (5.3) GNUPG has an option to use simple S2K for "Symmetric-Key
d39 1
a39 1
      with an algorithm other than RSA.  GNUPG has an option to
d53 1
a53 1
      algorithm which is not in the preference list.  GNUPG has an
@


1.1
log
@*** empty log message ***
@
text
@d25 1
a25 1
   GNUPG (>0.4) is in compliance with OpenPGP despite these exeptions:
d60 2
@
