<div dir="ltr"><div>Yes, that makes sense.</div><div><br></div><div>However, I do not know if I can use this keyring - in this state - to encrypt files?</div><div><br></div><div>Also, how ought I cleanup these old, unused keys?<br></div><div><br></div><div>~ Mike<br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Oct 4, 2024 at 2:23 AM Werner Koch <<a href="mailto:wk@gnupg.org">wk@gnupg.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi!<br>
<br>
You should not update to a 3 years old devel version. The current<br>
stable version is 2.4.5.<br>
<br>
> gpg: DBG: Oops: keyid_from_fingerprint: no pubkey; fpr:<br>
> 5d5ddc60954d5b06fa7b592ec45b70d9<br>
<br>
That is a PGP-2 key. Support for them has been dropped in version 2.1.0<br>
(2014):<br>
<br>
* gpg: All support for v3 (PGP 2) keys has been dropped. All<br>
signatures are now created as v4 signatures. v3 keys will be<br>
removed from the keyring.<br>
<br>
See also <a href="https://gnupg.org/faq/whats-new-in-2.1.html" rel="noreferrer" target="_blank">https://gnupg.org/faq/whats-new-in-2.1.html</a><br>
<br>
If you still have data encrypted to such keys, you need to install GnuPG<br>
1.4.<br>
<br>
In the wake of the Snowden revelation there was a heavy move to newer<br>
algorithms and thus PGP-2 was considered broken by some people. In fact<br>
Google people heavily pledged for removing all support for PGP-2 for<br>
GnuPG. Meanwhile I think this was the wrong decision - keeping PGP-2<br>
decryption capabilities would have been easier than all the extra code<br>
to skip PGP-2 keys in existing keyrings. And of course the PGP-2<br>
encryption has not been broken - only signatures are vulnerable to the<br>
full MD5 hash algorithm attacks we know for 25 years.<br>
<br>
<br>
<br>
Shalom-Salam,<br>
<br>
Werner<br>
<br>
-- <br>
The pioneers of a warless world are the youth that<br>
refuse military service. - A. Einstein<br>
</blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><br>If ever I can be of service to you; contact me at once.<br>I wish for you a truly extraordinary day ...<br><br>-- <br>Best Regards,<br><br>Mike Schleif<br>612-235-6060<div><a href="https://mikeschleif.net" target="_blank">https://mikeschleif.net</a><br><a href="http://mdsresource.net" target="_blank">http://mdsresource.net</a><br><a href="http://www.linkedin.com/in/schleif" target="_blank">http://www.linkedin.com/in/schleif</a><br><a href="http://facebook.com/MDSResource" target="_blank">http://facebook.com/MDSResource</a><br><a href="http://twitter.com/mikeschleif" target="_blank">http://twitter.com/mikeschleif</a></div></div></div>