Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Mar 17 23:26:02 CET 2015
On Tue 2015-03-17 17:58:47 -0400, Pete Stephenson wrote:
> Alas, a lot of Linux distributions are quite slow-moving: it's unlikely
> that distributions like Debian and Ubuntu will have GnuPG 2.1.x
> available (let alone installed by default) for several years.
For debian stable, this is likely to be the case because of where we
were in the release cycle when 2.1 was finally released.
I hope to have 2.1.x in debian testing and unstable shortly after we
manage to release jessie, and hope to move to it as the default either
for "stretch" (the release after jessie) or (if things turn out to be
much more complicated than i'd like) stretch+1.
> Yes, the changes should be made, but ECC support won't be widely
> available to most users for some time.
I agree that defaulting to brainpool-512 right now would be a mistake.
Defaulting to RSA 3072 seems reasonable to me, though.
More information about the Gnupg-users