Fingerprints and Key-IDs - Was: [PATCH] avoid publishing the GnuPG version by default

Patrick Brunschwig patrick at
Sat Aug 6 15:02:56 CEST 2016

On 06.08.16 10:39, Werner Koch wrote:
> On Fri,  5 Aug 2016 21:39, ilf at said:
>> IMHO we need *not* be respectful to third-party tools using GnuPG in a
>> way that it explicitly warns against, exactly because it might break.
> That's the theory.
>>> FWIW, I recently learned that there widely used tools which parse
>>> --list-packets. An option I always considered a debug interface.
>> Which ones? Let's contact the maintainers to get them fixed.

Enigmail does this too for occasions where gpg does not provide the
required information by other means.

* to get the original file name of encrypted files (in case encrypted
files have names like "Attachment1.asc")
* to find out about the structure of OpenPGP keys before they are
imported, for example to ask the user upfront whether the key(s) should
be imported.

I think you should consider that other tools rely on --list-packets for
more than debugging ;-)


More information about the Gnupg-devel mailing list