Should one really disable AEAD for recent GnuPG created PGP keys?

Vincent Breitmoser look at
Tue Mar 5 00:16:45 CET 2024

Hey list,

OpenKeychain maintainer here. As Werner chose to omit some details here 
that seem pertinent, I will add:

> No, it is not because you are delaying the deployment of new and a much
> faster algorithm mode.

The packet format referred to here is GnuPG-specific. In November 2023, 
GnuPG forked the OpenPGP standard as "LibrePGP", in protest of the 
upcoming OpenPGP revision. See

LibrePGP specifies the packet format that GnuPG now emits by default. 
However, this packet format will be different from the upcoming RFC 
specifying the next OpenPGP revision.

You can find the LibrePGP mailing list here:

 > Unfortunately a small group of people seem to sabotage this strategy
 > by rejecting the new mode despite that it has been implemented by
 > their crypto library.

The "small group of people" that Werner is accusing of sabotage here is 
the IETF OpenPGP working group, and implementations that choose to 
implement the new OpenPGP RFC over LibrePGP. The background on this 
whole ordeal is complicated to say the least, but it is well established 
that the points of contention are rooted in personal conflict, and thus 
by nature extremely difficult to work with.

> All the major implementers (Ribose RNP, GnuPG, BouncyCastle, OpenPGP.js)
> took great care to first deploy the software with support for the new
> mode before actually creating keys with a preference for that mode [1].
Ultimately, as a user you can currently choose between a format that 
will not be part of the upcoming RFC, but is supported by GnuPG (and 
many other implementations, including those mentioned above). Or a 
format that will be standardized as an RFC, but is not supported by 
GnuPG (but many other implementations, including all mentioned above).

Due to this situation, many distributors (at least: Thunderbird, Debian, 
Arch, Fedora, NixOS, GPG Suite for macOS) have decided to hold back 
emission of the LibrePGP packet format for now. OpenKeychain will also 
follow suit here.


  - V

More information about the Gnupg-users mailing list