brian m. carlson sandals at
Sat Jun 23 00:39:19 CEST 2012

On Fri, Jun 22, 2012 at 02:18:13PM -0400, Robert J. Hansen wrote:
> On 6/22/2012 1:44 PM, vedaal at wrote:
> > As you mentioned earlier, the v3 people have an entrenched user-
> > base, and are hardly novices, and 'for them', listing the keysize 
> > with the fingerprint, really is trivial.
> If people want to keep using PGP 2.6, let them, but I'm not going to
> help them do it.  If people want an emergency stopgap while they migrate
> to OpenPGP, I'll happily help.  Unfortunately, at this point essentially
> all the people who would migrate have already migrated.

There are people using v3 keys that are not using MD5 (other than the
fingerprint, obviously).  I am one of them.  My v3 key (0x560553e7) has
v4 self-signatures on it, none of which recommend MD5.  All of the
preferences are for algorithms presently considered strong (except
SHA-1, but removing that isn't possible, unfortunately).  Obviously, I'm
not using PGP 2.6, since it won't read my key.

I have moved to using a v4 key for everyday usage, but my v3 key still
has more signatures on it than my v4 key, and I am not planning on
revoking it by any means.  I still accept signatures on it and data
encrypted to it, just like I do with my v4 key.

brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/attachments/20120622/7fc776bf/attachment.pgp>

More information about the Gnupg-users mailing list