Re: [openpgp] SHA-2 support should be mandatory – change defaults
dougb at dougbarton.us
Thu Aug 14 07:20:05 CEST 2014
On 08/12/2014 08:41 PM, David Shaw wrote:
> Maybe the answer is to remove the things to generate PGP 2 messages specifically, and leave the other stuff?
Yes please. :)
Not being able to encrypt/sign with PGP 2 at this point is totally
reasonable. Not being able to decrypt/verify leads to toolchain
complications down the road for people with such archives, and sends a
dangerous message that we're not serious about backwards compatibility.
More information about the Gnupg-users