Re: [openpgp] SHA-2 support should be mandatory – change defaults

David Shaw dshaw at jabberwocky.com
Thu Aug 14 13:23:20 CEST 2014


On Aug 14, 2014, at 1:20 AM, Doug Barton <dougb at dougbarton.us> wrote:

> On 08/12/2014 08:41 PM, David Shaw wrote:
>> Maybe the answer is to remove the things to generate PGP 2 messages specifically, and leave the other stuff?
> 
> Yes please. :)
> 
> Not being able to encrypt/sign with PGP 2 at this point is totally reasonable. Not being able to decrypt/verify leads to toolchain complications down the road for people with such archives, and sends a dangerous message that we're not serious about backwards compatibility.

I think the context has been lost in that sentence.  The "other stuff" I was referring to was --pgp6, --pgp7, etc.  The --pgpX options in general.  There was never a question of removing the ability to decrypt PGP 2 messages.  As you say, that would destroy the ability to decrypt old messages.

David




More information about the Gnupg-users mailing list