Break backwards compatibility

Michael Kesper mkesper at fsfe.org
Mon May 21 09:53:49 CEST 2018


Hi all,

On Monday, 21.05.2018, 04:19 +0100, Mark Rousell wrote:
> On 21/05/2018 02:12, Jochen Schüttler wrote:
> > I'm all for breaking backwards compatibility.
> > 
> > What's the worst the haters can do? Turn their back on GnuPG? Shout out
> > really loud once more? I think they should get a life!
>  
> I rather suspect they do have a life supporting scenarios that they
> cannot change that require legacy-decryption capability.
> 
> If legacy-decryption was removed entirely from current versions of
> GnuPG then they would simply have to continue using old, unsupported,
> and potentially vulnerable versions. I do not think it is reasonable
> to just cut them off entirely.

I think it might be best to put that functionality into a separate
GnuPG version called gpg-legacy.
Make it clear in all man pages of this tool, the --version and --help
options that this only exists to decrypt existing but now obsolete
encrypted material and that it can't be used to create such material
anymore.

> As Philipp Klaus Krause [1] and Dirk Gottschalk [2] pointed out
> above, breaking backward compatibility does not have to be (and
> should not be in my opinion) absolute. The ability to decrypt old,
> legacy-encrypted data is, like it or not, still present in the real
> world and it is therefore surely proper for GnuPG to retain the
> ability to decrypt such data in maintained code (albeit whilst
> requiring users to take action to make changes to their configuration
> to be able to continue decrypting such data using GnuPG).
> 
> I agree with those who say that there is no need for mail clients to
> be able to decrypt legacy-encrypted data.

Dirk Gottschalk wrote in 
https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060474.html

> I think the backwards compatibility should be broken to improve things.
> It would be possible to implement something like --legacy to re-enable
> the old functionality. This could also be implemented in email clients
> and plug-ins like enigmail as a checkbox.

No! Everybody will just turn on that checkbox then and be none the
wiser.

Regarding breaking changes: Please study carefully the Python2 ->
Python3 transition. By keeping Python2 supported for 10 long years
after deprecation, only the haters became louder and louder, and "Success"
stories of leaving the Python ecosystem exploded. Had they
integrated a non-GIL switch into that breaking change, the work for
normal Python projects would not have been greater but the reason to
switch would have been.

Just 2 cents of a long-term GnuPG (and Python) user
Michael
--
Michael Kesper
Supporter of FSFE https://fsfe.org/about
GPG Fingerprint: F035 8BD9 D0C2 0E6A 85B5  6A60 4208 05C6 8907 4FAD