1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

* gpg.sgml: Note changes in --pgp8. Rephrase the "don't play algorithm

games" warning now that PGP has blowfish, zlib, and bzip2.
This commit is contained in:
David Shaw 2004-07-30 15:09:22 +00:00
parent fe94e944ba
commit 1253e4efc8
2 changed files with 20 additions and 14 deletions

View File

@ -1,3 +1,9 @@
2004-07-30 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Note changes in --pgp8. Rephrase the "don't play
algorithm games" warning now that PGP has blowfish, zlib, and
bzip2.
2004-06-18 David Shaw <dshaw@jabberwocky.com> 2004-06-18 David Shaw <dshaw@jabberwocky.com>
* DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH. * DETAILS: Document PLAINTEXT and PLAINTEXT_LENGTH.

View File

@ -1916,8 +1916,7 @@ TWOFISH.
Set up all options to be as PGP 8 compliant as possible. PGP 8 is a Set up all options to be as PGP 8 compliant as possible. PGP 8 is a
lot closer to the OpenPGP standard than previous versions of PGP, so lot closer to the OpenPGP standard than previous versions of PGP, so
all this does is disable --throw-keyid and set --escape-from-lines. all this does is disable --throw-keyid and set --escape-from-lines.
The allowed algorithms list is the same as --pgp7 with the addition of All algorithms are allowed except for the SHA384 and SHA512 digests.
the SHA-256 digest algorithm.
</para></listitem></varlistentry> </para></listitem></varlistentry>
</variablelist></para></listitem></varlistentry> </variablelist></para></listitem></varlistentry>
@ -2628,8 +2627,8 @@ is *very* easy to spy out your passphrase!
</para> </para>
<para> <para>
If you are going to verify detached signatures, make sure that the If you are going to verify detached signatures, make sure that the
program knows about it; either be giving both filenames on the program knows about it; either give both filenames on the command line
command line or using <literal>-</literal> to specify stdin. or use <literal>-</literal> to specify stdin.
</para> </para>
</refsect1> </refsect1>
@ -2637,8 +2636,8 @@ command line or using <literal>-</literal> to specify stdin.
<title>INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS</title> <title>INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS</title>
<para> <para>
GnuPG tries to be a very flexible implementation of the OpenPGP GnuPG tries to be a very flexible implementation of the OpenPGP
standard. In particular, GnuPG implements many of the "optional" standard. In particular, GnuPG implements many of the optional parts
parts of the standard, such as the RIPEMD/160 hash, and the ZLIB of the standard, such as the SHA-512 hash, and the ZLIB and BZIP2
compression algorithms. It is important to be aware that not all compression algorithms. It is important to be aware that not all
OpenPGP programs implement these optional algorithms and that by OpenPGP programs implement these optional algorithms and that by
forcing their use via the --cipher-algo, --digest-algo, forcing their use via the --cipher-algo, --digest-algo,
@ -2648,14 +2647,15 @@ cannot be read by the intended recipient.
</para> </para>
<para> <para>
For example, as of this writing, no (unhacked) version of PGP supports There are dozens of variations of OpenPGP programs available, and each
the BLOWFISH cipher algorithm. If you use it, no PGP user will be supports a slightly different subset of these optional algorithms.
able to decrypt your message. The same thing applies to the ZLIB For example, until recently, no (unhacked) version of PGP supported
compression algorithm. By default, GnuPG uses the standard OpenPGP the BLOWFISH cipher algorithm. A message using BLOWFISH simply could
preferences system that will always do the right thing and create not be read by a PGP user. By default, GnuPG uses the standard
messages that are usable by all recipients, regardless of which OpenPGP preferences system that will always do the right thing and
OpenPGP program they use. Only override this safe default if you know create messages that are usable by all recipients, regardless of which
what you are doing. OpenPGP program they use. Only override this safe default if you
really know what you are doing.
</para> </para>
<para> <para>