Avoid recipient-compatibility SHA1
Stefan Claas
spam.trap.mailing.lists at gmail.com
Wed Nov 18 14:11:53 CET 2020
Thank you for your reply, much appreciated! I will however ask also
Ernst here again the same question one more time again, as an
illustrative example.
Regards
Stefan
On Mon, Nov 2, 2020 at 3:25 PM Phil Pennock via Gnupg-users
<gnupg-users at gnupg.org> wrote:
>
> On 2020-11-02 at 13:49 +0100, Werner Koch via Gnupg-users wrote:
> > On Fri, 30 Oct 2020 00:10, Phil Pennock said:
> > > recipient. That's fine. I'd rather create pressure for people to fix
> > > their systems to use modern cryptography than cater to their brokenness
> > > with sensitive messages.
> >
> > People won't update their keys - that just does not work. Ignoring the
> > preferences is a better way here.
>
> First: thank you for the code changes!
>
> As to the people part: for a generic call to action, you're right. But
> that's not the social dynamic in play here.
>
> For a specific set of people who know each other, trying to communicate
> securely, if someone says "hey your key is too broken to use, please fix
> it, here's a command to run (which you should check for yourself),
> please do so and send us your new public key" ... then that works.
>
> In the generic case, there's a hypothetical reward requiring work now.
> In the specific case, it's a case of "you're getting cut out of this
> ongoing conversation which presumably matters to you, do this now to get
> back in". If the conversation really does matter to that person, then
> they will fix their key. I have gotten people to fix various problems
> on exactly this basis.
>
> For everyone I am not talking to? Not my business, not my problem.
> I can only issue advice and shrug when people ignore it.
>
> Now I just need a sane way to figure out which key caused this. :)
>
> Thanks,
> -Phil
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list