Why 2.1 is delayed for so long

David Shaw dshaw at jabberwocky.com
Mon Sep 22 17:14:44 CEST 2014


On Sep 22, 2014, at 9:48 AM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:

>> they should be named:
>> 
>>   (1) RSA (for sign+certify) and RSA subkey (for encryption)
>>   (2) DSA (for sign+certify) and Elgamal subkey (for encryption)
>>   (9) ECC (for sign+certify) and ECC subkey (for encryption)
>> 
>> I think this is much clearer. Even for newbies...
> 
> I'm (extremely!) reluctant to agree here; I think it's exactly the
> opposite.  If I had my way, key generation wouldn't even ask what
> algorithms to use unless the --expert flag was provided.

I basically agree with this.

In the past, it made sense to ask RSA or DSA/Elgamal.  There were compatibility issues, with one implementation supporting algorithm A, and another supporting algorithm B and this other one supporting both A and B, but with bugs... etc.  The RSA patent certainly didn't help either.  These days, everyone fully supports all of RSA, DSA, and Elgamal, and has for years.

Especially given that the advice (both here and in the FAQ) is "always use the defaults", why even give an option other than the defaults?  It confuses the issue.

Of course, --expert would have everything and give all options, including setting key flags, as today.  But without --expert, just make an RSA (sign+certify) + RSA (encrypt) key, as is the default today.

David



