Am 20.05.2018 um 08:26 schrieb Robert J. Hansen:
> Writing just for myself -- not for GnuPG and not for Enigmail and
> definitely not for my employer -- I put together a postmortem on Efail.
> You may find it worth reading.  You may also not.  Your mileage will
> probably vary.  :)
> 
> https://medium.com/@cipherpunk/efail-a-postmortem-4bef2cea4c08

I don't think breaking backwards-compability is an all-or-nothing question.

IMO, it is important to still be able to decrypt old data. On the other
hand one wants sane, secure use with current data.
The functionality needed to decrpyt old files should still be there.
Possibly hidden behind some new option, if that helps security for
typical users.

If my mail client will no longer be able to display some old encrypted
message, that's ok. But I should be still able to read that message by
invoking GPG from the command-line with suitable options.

Philipp

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to