Robert J. Hansen
rjh at sixdemonbag.org
Mon May 21 07:20:33 CEST 2018
Here's my own set of suggestions for breaking changes to GnuPG:
1. End-of-life 1.4 already.
Yes, it's the only option for PGP 2.6. Yes, it's the only option for
old and out-of-date stuff. Yes, there will be people who need to
decrypt this stuff. All of that is true, but *we* don't need to be the
people who cater to their needs. At this point if you need pre-Web
crypto (which, I remind people, is pretty much what PGP 2.6 is), you
have a specialized need and you need to talk to someone about a custom
solution. There are companies that specialize in this sort of thing
(like, say, g10 Code).
We should keep the 1.4 source code available, but wash our hands of it
and say it will receive *no* future fixes, not even for security issues
-- and we need to stand on that when people start screaming.
Rationale: as long as we keep GnuPG 1.4 around and even semi-supported,
people will insist on not upgrading.
2. End-of-life 2.0.
2.2 is the replacement branch for 2.0, and it's been around for ten
months. Yes, some major distros have incorporated 2.0 into their
long-term support releases. That's on them, *not* us. State, "we're
going to continue to give security fixes to 2.0 but that will end
December 31, 2018."
Rationale: 2.3 will be coming out soon. I can understand supporting 2.2
and 2.3 simultaneously, but 2.0, 2.2, and 2.3 simultaneously seems like
we're dropping 1.4 just to pick up another boat anchor.
3. In 2.3, make RFC4880bis04 the default.
There's a lot of good stuff in bis04. Unfortunately, until the WG
restarts there's little in the way of implementations of it. But it
still exists, and it's the safest thing we've got so far, so let's make
the cutover. Include an --rfc4880 option for interoperability with
clients that aren't -bis04 compliant.
Rationale: we may only get one chance to make serious breaking changes,
so let's go big or go home.
Let me make it clear: these changes are extreme. Some knowledgeable
people will say they're too extreme. I disagree. Let's get all the
breaking pain over at once, and put GnuPG on track for the future. And
if defaulting to -bis04 puts pressure on other implementations to
support it, and/or puts pressure on the WG to approve it, well -- I'm
fine with that.
More information about the Gnupg-users