-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 . When I encrypt a message using KMail and GPG, to an Outlook user, they invariably get a message, "encrypted session key is bad". Checking Google there is some confusion, but the most credible answer (from Disastry) is this is: "probably because of MDC. GPG uses MDC with AES,Twofish. however 6.5.8ckt06 should be able to decrypt Blowfish encrypted msgs. "you can disable MDC with --openpgp switch. then 6.5.8ckt06 should be able to decrypt all ciphers. "> P.S. Disastry... what's MDC and why does GnuPG use it? "Modification Detection Code, generaly SHA1 hash of message appended to message before encryption. and message encrypted w/o resync after IV.But I need to encrypt to users of many versions." I can't find anywhere to tell it a preferred algo, and I added openpgp to options. Still the error. So do I ditch GPG for PGP? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzhKoMACgkQnQ18+PFcZJubgACcCBQ7ltlpQiZzXKqRv7KAgdf0 NEYAn1/W8QMb/f2PaAzFjFBgJ/j94MmK =2tpb -----END PGP SIGNATURE-----