Removing v3 support from 2.1

Marco d'Itri md at Linux.IT
Mon Nov 3 05:58:27 CET 2014


On Oct 15, Werner Koch <wk at gnupg.org> wrote:

> > I removed all code pertaining to v3 keys and also forced using v4
> > signatures.  If you want to test this, please checkout the
> > "wk/test-master" branch.
> I plan to move that to master soon.  If you want to send a "Please
> consider not to do that" comment, you should hurry up.
I should have checked...
Let me present you my use case for v3 support: 0xB28B9B51 and 0x7D960EBD.

I use these v3 keys to sign the control messages which manage the it.* 
and linux.* newsgroups, and given the sad state of Usenet nowadays I see 
no credible scenario in which I could persuade every site to update 
their keyring.

Of the 101 keys currently used to sign control messages, 83 of them are 
v3 and we are stuck with them essentially forever:

wget ftp://ftp.isc.org/pub/pgpcontrol/PGPKEYS
gpg --batch --no-permission-warning \
       --no-default-keyring --keyring=testring.pub --no-options \
       --allow-non-selfsigned-uid --fast-import PGPKEYS
gpg --no-default-keyring --keyring=testring.pub --fingerprint --list-keys --with-colons | awk -F: '/^pub:/ { cur = $10 } /^fpr:/ { if (length($10) == 32) print cur }' | wc -l

-- 
ciao,
Marco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: Digital signature
URL: </pipermail/attachments/20141103/7692b35e/attachment.sig>


More information about the Gnupg-devel mailing list