list of OpenPGP implementations [was: Re: Changing GPG's default key type?]
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jul 31 04:06:35 CEST 2009
> Is that an example of a potential problem implementation? Note that
> the McAfee product does support RSA (not surprising, given its
> ancestry).
I don't know.
There are a wide number of implementations with various degrees of
conformance, RFC4880 is fairly new and there's no guarantee vendors
have caught up with it, old systems continue to be used despite our
wishes (look at how many 6.5.8 users are out there), and so forth and
so forth.
My judgment is that it's wise to keep some healthy skepticism about
what optional bits of the spec are broadly-supported. I think the
instant I tell someone "everything uses RSA," they're going to come
back and say "well, my bank uses FooBarBazQuuzPGP, and they can't read
my traffic," Murphy's Law being what it is and all.
Reasonable people may certainly disagree with my judgment. :)
More information about the Gnupg-users
mailing list