Re: [openpgp] SHA-2 support should be mandatory – change defaults

[Doug Barton]

On 08/12/2014 08:41 PM, David Shaw wrote:
> Maybe the answer is to remove the things to generate PGP 2 messages specifically, and leave the other stuff?

Yes please. :)

Not being able to encrypt/sign with PGP 2 at this point is totally 
reasonable. Not being able to decrypt/verify leads to toolchain 
complications down the road for people with such archives, and sends a 
dangerous message that we're not serious about backwards compatibility.

Doug