Re: [openpgp] SHA-2 support should be mandatory – change defaults
David Shaw
dshaw at jabberwocky.com
Tue Aug 12 00:08:35 CEST 2014
On Aug 11, 2014, at 1:31 PM, Johan Wevers <johanw at vulcan.xs4all.nl> wrote:
> On 11-08-2014 8:49, Robert J. Hansen wrote:
>
>> On Enigmail, I recently had a frustrating
>> experience helping a user who was trying to use GnuPG to exchange
>> traffic with a PGP *2.6* user... a codebase which is about 20 years old now.
>
> Fixing the packet order when --pgp2 or --rfc1991 are used would help a
> lot. And now I assume that pgp 2 will not pass away before the
> generation that was on the internet in the 1990's lies in the grave.
Rather than fixing RFC-1991 support, why not go in the other direction and make it clear that it isn't supported, and won't work? I did a bunch of work to make --pgp2 work well and interoperate with PGP 2.x over a decade ago. Even then it was intended as a stopgap measure until people finally stopped using PGP 2.x. Over 10 years later, it's well past time to kill it.
David
More information about the Gnupg-users
mailing list