installing gnupg 2.2 as "gpg", vs coexistence with gpg 1.4

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Sep 29 06:25:22 CEST 2017 

On Thu 2017-09-28 14:46:44 -0400, Greg Troxel wrote:
>   1) Nobody should use 1.4 for anything.  Just use 2.2.  Don't even have a
>   1.4 package.
>
>   2) There are reasons to use 1.4, but it's odd.  Don't bother to
>   accomodate people, and it's ok if the 1.4 and 2.2 packages can't be
>   installed at once.
>
>   3) 1.4 is normal enough that packaging systems should allow installing
>   both at the same time, but typing "gpg" should get gpg 2.2.x

In debian, we're shipping gpg 2.1.x/2.2.x as "/usr/bin/gpg" and the 1.4
branch is explicitly deprecated.  for the "odd" reasons that a few
people might have to use 1.4, we still support an explicitly deprecated
"gnupg1" package, which ships /usr/bin/gpg1 and wasn't particularly hard
to build.

So i guess you could say that debian is taking your option #3, but i
don't think you should interpret it that way -- 1.4 is *not* "normal
enough" these days.

And while the documentation makes some statements about
co-installability, my experience has been that co-installability between
the 1.4 and 2.1/2.2 series is illusory at best -- in most circumstances,
they end up using different public key rings and different secret
keyrings, and end up sharing only the config file, which itself is
frustrating because there are options that you might want for one, but
not for the other.

So I think #1 or #2 is the way to go.  You're welcome to point the few
holdouts who actually need gpg1 (i.e. folks with legacy PGPv3 keys that
need to decrypt old/archived messages, i can't really think of another
good reason) that they should take advantage of the deprecated debian
gpg1 packages while they last, if it gets you out of having to support
two versions concurrently.  But in the long term, Debian will evenutally
drop gpg1 as well.  People should move on.

    --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170929/3efd083a/attachment.sig>

More information about the Gnupg-devel mailing list