installing gnupg 2.2 as "gpg", vs coexistence with gpg 1.4

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Sep 30 21:48:05 CEST 2017


On Fri 2017-09-29 10:53:17 +0200, Werner Koch wrote:
> On Fri, 29 Sep 2017 06:25, dkg at fifthhorseman.net said:
>
>> holdouts who actually need gpg1 (i.e. folks with legacy PGPv3 keys that
>> need to decrypt old/archived messages, i can't really think of another
>
> A few days ago someone (with a long pgp and gpg history) accidentally
> sent me an encrypted mail to my old (expired) key from 1995.  I had to
> use gpg1 to decrypt it.
>
> Should I ever find a DAT drive for my old backup tapes I might want to
> decrypt mails from that area.  There is also the case for historians who
> want to dive into the 90ies.

for digital historians an legacy nerdery, the source code for gpg 1.4
will continue to be available, whether it's maintained or not.  I'm fine
with that tradeoff :)

> Agreed, but I will try to keep on maintaining gpg1 at least for
> decryption.  The next 1.4 release will likely install gpg 1.4 as gpg1,
> though.  Maybe keyserver support will also be removed because that is
> not needed for decryption.  I am not sure what to do with translations,
> but keeping them is not that expensive.

I agree that decryption (asymmetric and symmetric) of legacy encrypted
messages is the only interesting use case left for gpg1 in the long
term.  To be clear, means that the following use cases aren't things
anyone should be doing with gpg 1.4:

 * keyserver or LDAP access
 * signature verification
 * signing data
 * certifying keys
 * Web-of-trust identity validation
 * asymmetric encryption
 * symmetric encryption

maybe a deprecate 1.4 could start producing warnings when invoked for
those operations, if we want to encourage people to move off of it.

      --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170930/250b6caf/attachment.sig>


More information about the Gnupg-devel mailing list