--
Also Sprach Philip Hazel
>On 9 Oct 2002, Jeffrey C. Ollie wrote:
>> I don't think that PGP signing software distributions is "over the
>> top", not anymore anyway. Just witness the recent OpenSSH debacle.
>> Really, once Philip gets set up and comfortable using gpg (or
>> whatever) it will only take a few minutes each time he creates a
>> release, plus a little time here and there maintaining his keys.
>I'm confused. What is the difference between PGP and GPG? This thread
>is using both of them...
OpenPGP is the "correct" term for the "file"[1] format for exchange of
PGP data. This was standardized as a work-around for the US's
ridiculous crypto export rules. PGP was originally the only software
that did PGP, but was developed in the US, so couldn't be exported.
Eventually, it was decided that the PGP "file" format would be
standardized so that interoperable implementations could be developed
outside of the US. So, OpenPGP has become that standard.
PGP is still a software package...there's been some news about it
recently as the company that owns it (NAI?) was going to discontinue it,
but Phil Zimmerman (the original author) called for it to be released
back to the community as open source...blah, blah...not sure where all
of that stands now.
GPG is the GNU implementation of the OpenPGP standard. GPG stands for
"Gnu Privacy Guard".
[1] The word "file" here is quoted as the data being exchanged isn't
always in a honest to goodness file...but its not a network protocol and
its transported in what amounts to a file one way or the other, and I
couldn't think of a better term for it. :)
--
Jeff McAdams Email: jeffm@???
Head Network Administrator Voice: (502) 966-3848
IgLou Internet Services (800) 436-4456
--
[ Content of type application/pgp-signature deleted ]
--