[openpgp] SHA-2 support should be mandatory – change defaults

Werner Koch wk at gnupg.org
Tue Aug 12 09:33:00 CEST 2014


On Tue, 12 Aug 2014 00:08, dshaw at jabberwocky.com said:

> Rather than fixing RFC-1991 support, why not go in the other direction
> and make it clear that it isn't supported, and won't work?  I did a
> bunch of work to make --pgp2 work well and interoperate with PGP 2.x
> over a decade ago.  Even then it was intended as a stopgap measure
> until people finally stopped using PGP 2.x.  Over 10 years later, it's
> well past time to kill it.

I fully agree.  Do you mean to document it or to remove the function and
change the options to print a warning message that they don't do
anything?  For 2.1.

What about --compress-keys and --compress-sigs?  These are GnuPG only
features which predate OpenPGP and have been introduced only to allow
that old accidental behaviour of GnuPG.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list