Date: Fri, 14 Nov 1997 10:18:32 +0200 (EET) From: Narvi <narvi@haldjas.folklore.ee> To: "David E. Tweten" <tweten@frihet.com> Cc: freebsd-ports@FreeBSD.ORG Subject: Re: PGP Key Size Limitation in Ports Message-ID: <Pine.BSF.3.96.971114101656.3178A-100000@haldjas.folklore.ee> In-Reply-To: <199711112222.OAA14392@ns.frihet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 11 Nov 1997, David E. Tweten wrote: > I just pkg_delete'd pgp and rsaref, made them clean, and did make installs on > both to be sure things still work as I remembered. They do. Ports MIT PGP > 2.6.2 will still only accept keys up to 1024 bits in length. That's a bug. > > Real MIT PGP 2.6.2 works with keys up to 2048 bits, and generates keys up to > 2047 bits, when compiled for Unix. A possible reason for the difference is > that real MIT PGP 2.6.2 contains and uses an enhanced version of rsaref, with > permission from RSADSI. The stock rsaref (which is presumably the one built > by Ports) has the 1024-bit restriction. > > Why does Ports build domestic PGP 2.6.2 to use the less capable rsaref, when > the more capable modified version is shipped with the other source from MIT? Because the only RSA encryption you can use inside US comes from RSA. It is *illegal* for you to use any other lib than the one you get from RSA. > -- > David E. Tweten | 2047-bit PGP fingerprint: | tweten@frihet.com > 12141 Atrium Drive | E9 59 E7 5C 6B 88 B8 90 | tweten@and.com > Saratoga, CA 95070-3162 | 65 30 2A A4 A0 BC 49 AE | (408) 446-4131 > Those who make good products sell products; those who don't, sell solutions. > > Sander There is no love, no good, no happiness and no future - all these are just illusions.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971114101656.3178A-100000>