list of OpenPGP implementations [was: Re: Changing GPG's default key type?]

Robert J. Hansen rjh at
Fri Jul 31 04:06:35 CEST 2009

> Is that an example of a potential problem implementation?  Note that  
> the McAfee product does support RSA (not surprising, given its  
> ancestry).

I don't know.

There are a wide number of implementations with various degrees of  
conformance, RFC4880 is fairly new and there's no guarantee vendors  
have caught up with it, old systems continue to be used despite our  
wishes (look at how many 6.5.8 users are out there), and so forth and  
so forth.

My judgment is that it's wise to keep some healthy skepticism about  
what optional bits of the spec are broadly-supported.  I think the  
instant I tell someone "everything uses RSA," they're going to come  
back and say "well, my bank uses FooBarBazQuuzPGP, and they can't read  
my traffic," Murphy's Law being what it is and all.

Reasonable people may certainly disagree with my judgment.  :)

More information about the Gnupg-users mailing list