Right from the debian package descriptions: gpg-rsa - RSA (PGP 2.x-compatible) module for GNU Privacy Guard This package contains an extension module for the GNU Privacy Guard (GPG), adding support for the RSA public key algorithm from RSA Laboratories. RSA is required to support standard PGP 2.x keys fully with GPG. Note that RSA is patented in the US until at least September, 2000; if you are encumbered by those US patents, please use gpg-rsaref package. See /usr/share/doc/gpg-rsa/copyright for more info. gpg-rsaref - RSAREF module for GNU Privacy Guard This module implements the RSA public key algorithm using the RSAREF library from RSA Labratories. It should be used within the United States. This module isn't terribly great as RSAREF has no concept of secure memory so the secret key and the symmetric cipher are written to insecure memory in several places in this code and within the RSAREF lib. Memory that is touched by sensitive information is blanked out before being freed, so in effect this is as secure as PGP2.x is on unix systems. If you aren't encumbered by the US patents, please use gpg-rsa. gpg-idea - IDEA (PGP 2.x-compatible) module for GNU Privacy Guard This package contains an extension module for the GNU Privacy Guard (GPG), adding support for the IDEA cipher algorithm. RSA and IDEA are required to support standard PGP 2.x keys fully with GPG (RSA only will do for signature verification though). IDEA is also the default cipher used by PGP 2.x, and is required to decrypt data sent by someone using PGP 2.x, to encrypt data for a PGP 2.x user, and to sign if you have a passphrase on your PGP secret key (the passphrase is signature verification though). IDEA is also the default cipher used by PGP 2.x, and is required to decrypt data sent by someone using PGP 2.x, to encrypt data for a PGP 2.x user, and to sign if you have a passphrase on your PGP secret key (the passphrase is encrypted using IDEA). NB you can use PGP to remove the passphrase, copy the key to GPG, and add a passphrase with GPG, and still sign without IDEA. IDEA is unfortunately patented with big restrictions in Europe and the USA - please see /usr/share/doc/gpg-idea/copyright. And pulled from the GnuPG site ( http://www.gnupg.org/ ): GnuPG is a RFC2440 (OpenPGP) compliant application. Decrypts and verifies PGP 5.x messages. Supports ElGamal (signature and encryption), DSA, 3DES, Blowfish, Twofish, CAST5, MD5, SHA-1, RIPE-MD-160 and TIGER. Hope that helps a bit. Outside of Debian I don't know where you find the idea or rsa modules, but the main sitewould be a good place to start. (These modules are in the non-free sections of debian non-US) -- Andy Zbikowski, Sys Admin | (WEB) http://www.ltiflex.com LTI Flexible Products, Inc. | (PH) 763-428-9119 (EX) 132 21801 Industrial Blvd | (FX) 763-428-9126 Rogers, MN 55374 | (PCS) 612-306-6055 -------------- next part -------------- --------------------------------------------------------------------- To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org For additional commands, e-mail: tclug-list-help at mn-linux.org