How can I tell what version of PGP BouncyCastle has implemented in their Java implementation of PGP encription?
Looking at the release notes of Bounty Castle, I dont see any dates or a开发者_如何学Pythonnything referring to what version of PGP it is up to par with. Maybe I am thinking of it incorrectly.
"PGP" stands for product and company name and is a trademark. The standard's name is "OpenPGP" and it was defined in RFC 2440 and 4880.
Each implementation can implement one or both of these standard completely or partially. If BouncyCastle information specifies, which RFCs are implemented, I think they implemented them completely.
Now the tricky part. PGP (software) came in different versions most widespread of which are 2.6.3, 5.6 and 8.x / 9.x. Each of those versions has it's own shortcomings, specifics and deviations from the standard. Eg. version 2.6.3 uses IDEA (patented algorithm) and RSA keys. Version 5.6 uses CAST and can work with ElGamal and RSA keys, but has some other shortcomings. Now, versions 2.6, 5.6 and 8/9 use different formats of packets and some other options.
So information about what "version" BouncyCastle (or anything else) implements doesn't really give you much knowledge. It's more important to know what software will be used to process the data you encrypt or sign, cause for unknown reasons decade-old versions 2.6 and 5.x are still widely used.
精彩评论