A postmortem on Efail

Damien Goutte-Gattat dgouttegattat at incenp.org
Mon May 21 10:54:46 CEST 2018

On 05/21/2018 04:07 AM, Mark Rousell wrote:
> I think you mean that support for 2.0.y has been dropped, surely?

No, I do mean that support for all PGP 2-related stuff has been dropped
from the current stable branch. Modern GnuPG (≥ 2.1) can neither read
nor write anything that has been generated by PGP 2.x. Compatibility
starts with PGP 5, which dates back to 1997.

> When I wrote "2.x.y" above I meant that users should be able 
> to continue decrypting legacy-encrypted data (albeit with a change of
> commands/options compared to the present) with whatever the
> currently-supported version of 2.something is at any point in the
> future.

Well, that's already not the case. If you have pre-1997 data, you need
to use GnuPG 1.4, which again *is* still supported precisely for this
use case. (You could also, in theory, use GnuPG 2.0.x, but *that* branch
is explicitly no longer supported.)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180521/a931e708/attachment.sig>

More information about the Gnupg-users mailing list