Why 2.1 is delayed for so long

Robert J. Hansen rjh at sixdemonbag.org
Tue Sep 23 18:10:35 CEST 2014

> How is this "more complicated"? And how is this different from the
> single-key to double-key switch? Most people will never get RIPA
> notices, either.

Sorry, I omitted one other (huge!) reason from my history -- IIRC, this
is what pushed the community over the top: namely, the RSA patent.

RSA was the only algorithm that "do it all" (signing, certifying,
authenticating, encrypting), but it was patented and thus unavailable.
DSA, Elgamal-Signing and Elgamal-Encryption were the only Free Software
alternatives.  In order to avoid being tied to the patent, the keys had
to be separated.

The single-key to double-key switch had several independent lines of
argument which all went to the same spot.  If you signed on to it
because of RIPA, great.  If you signed on because of patent issues,
great.  If you signed onto it because... great.

There were an abundance of reasons to switch, some of them in response
to very present issues (the RSA patent), some of them in response to
anticipated issues (RIPA, which as far as I know has never actually been
used against an OpenPGP key).  That abundance made it easy for people to
get behind the change.

You don't have that abundance.  And you also want this change to happen
*right now*, instead of realizing that changes like this take a couple
of years to percolate through.

> I *have* been working on that problem. It involves making caff much
> easier to use in the offline case.

Excellent!  I'm glad to hear it.

> If that does come to pass, I would still consider it a loss for
> society, because it would have been easier to just tweak GPG, and I
> could have spent that effort on other things.

No one's stopping you from tweaking GnuPG.  No one's stopping you from
sharing your tweaks with the world.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140923/1619d58f/attachment.sig>

More information about the Gnupg-devel mailing list