Should I be using gpg or gpg2?

[listo factor]

On 09/28/2015 05:40 PM, Werner Koch - wk at gnupg.org wrote:
 > On Mon, 28 Sep 2015 13:23, listofactor at mail.ru said:
 >
 >> Unless you have specific reasons for transitioning to gpg2, stick
 >> with gpg (GnuPG) 1.4.16. It is just as secure, and much easier
 >                                       ^^^^^^^^^^
 >
 > That is definitely not the case.  All improvements go into 2.1
 > and some are backported to 2.0.  We only add necessary
 > fixes to 1.4.

Most od 2.x "improvements" have little to do with security.

I can't offer any conclusive evidence for this, but it is my
honest estimate that more real-world sensitive traffic volume
is generated by 1.4.x than 2.x. Consequently, if 1.4.x is in any
was insecure, this would be of significantly greater benefit to
a whole class of large institutional web-traffic attackers than
if 2.x was insecure. So, if 1.4.x is indeed in any way insecure,
that should merit more serious and immediate attention that if
2.x was insecure.