[openpgp] SHA-2 support should be mandatory – change defaults

Werner Koch wk at gnupg.org
Tue Aug 12 09:33:00 CEST 2014

On Tue, 12 Aug 2014 00:08, dshaw at jabberwocky.com said:

> Rather than fixing RFC-1991 support, why not go in the other direction
> and make it clear that it isn't supported, and won't work?  I did a
> bunch of work to make --pgp2 work well and interoperate with PGP 2.x
> over a decade ago.  Even then it was intended as a stopgap measure
> until people finally stopped using PGP 2.x.  Over 10 years later, it's
> well past time to kill it.

I fully agree.  Do you mean to document it or to remove the function and
change the options to print a warning message that they don't do
anything?  For 2.1.

What about --compress-keys and --compress-sigs?  These are GnuPG only
features which predate OpenPGP and have been introduced only to allow
that old accidental behaviour of GnuPG.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list