Should one really disable AEAD for recent GnuPG created PGP keys?
Tobias Leupold
tl at stonemx.de
Tue Mar 5 12:39:02 CET 2024
Sorry for asking another thing about this. For sure, I didn't want to set off
an avalanche, and I still don't want to. But from a user's perspective, this
is simply very confusing and also unsettling.
I think that somewhere, there should be some documentation, FAQ or whatever,
as a definitive source for the correct facts.
Because we have this statement:
> That is not a GnuPG specific but an agreed upon format by the participants
> of the OpenPGP WG and implemented by all major implementations.
Which does not match what others say (apart from Vincent's statement) ... e.g.
I also asked for what to do on Stack Exchange:
https://security.stackexchange.com/questions/275883/should-one-really-disable-aead-for-recent-gnupg-created-pgp-keys
The answer started with:
> While authenticated encryption (AEAD) is good - especially for something
> like OpenPGP, which is an old and over-complicated standard that has a
> concerning large attack surface for vulnerabilities or simple implementation
> errors - I definitely can't recommend enabling a non-standardized
> compatibility-breaking feature by default, and frankly feel that GnuPG made
> a major error in doing so
from somebody with an impressive reputation on the network, for whom I suppose
he knows what he's talking about.
So: Is this standardized, or is it not?
As said: I don't want to provoke a flame war. I'm just interested in objective
facts ...
More information about the Gnupg-users
mailing list