Naming of GnuPG

John W. Moore III jmoore3rd at bellsouth.net
Mon Apr 21 22:22:00 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Christoph Anton Mitterer wrote:

> But in the end we'll either have two different gpg's (which could lead
> to a lot of problems, even security related) or one of the two will be
> phased out.

How do You reach this conclusion?  "different GPG's" is far from
accurate since the Cryptographic code is identical in both the Branch &
the Trunk.  The only 'difference' is the inclusion of S/MIME capability
within the 2.x Trunk.  This 'feature' is used by a small minority & I
see no reason to force 'extra capability' upon those who have no desire
for it. :-\

> On the other hand,... if we actually want to spread the use of 2.x we
> should perhaps suggest the distributors to use the 2.x branch as default
> (i.e. the package named gnupg) and provide 1.4.x as something like
> gnupg14.

Default = forced, IMHO.

> What if ECC or V5 keys will finally come? Should they be backported?

The WG has discussed this and backwards compatibility [as pertains to
the mandatory cipher] has been somewhat agreed on.  I am confident that
some form of backwards compatibility will be present when ECC becomes
commonplace. :-D

> Any I never asked to stop security support for the 1.4.x branch, I just
> suggested to let the main development take place in 2.x and to
> explicitly state this.

At present the majority of R&D is focused upon the 2.x Trunk and
desirable features & fixes are rapidly backported into the 1.4.x Branch.
 What caused You to assume different?

JOHN ;)
Timestamp: Monday 21 Apr 2008, 16:20  --400 (Eastern Daylight Time)
- --
"One of the greatest delusions in the world
is the HOPE that the evils of this world
are to be cured by legislation"
Thomas B. Reed (1886)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.5.0-svn4748: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: https://www.gswot.org
Comment: Homepage:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJIDPdnAAoJEBCGy9eAtCsPFPgH/iL/zzER9D21FMa0L99cYP7R
/KkhNjxfXnNHV62ljxWN/gF+qGrXbPqIDcolVxqtWGcJ1MCGGqdessAKNrQKSHCO
14Zd+LtvbsxG/7ZhEutGs+x3UH6pomRDT6FWAZi/zd1fwy/TTuJtYoCnNBb64/zE
QVMhiC5irArbI8LA6Lh3V4fHZeP76wm/ezU6AkENvd/191sBdeeRF4H/hTkyRT0A
l+41KJEEmXCSNVs7d4t1ir7X4sXG3PRzMYoVS5aJ7ub4w2mRzeY7YcjX255+waIH
jcdNYgMDQ34aLaN0ovCjjx/97vd3ADyJDDtejwfmv4hqaitKX6+pqE75aYaN0Y8=
=7Z90
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list