Break backwards compatibility already: it’s time. Ignore the haters. I trust
you.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
> Von: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] Im Auftrag von
>
> On 22/05/18 10:44, Fiedler Roman wrote:
> > Such a tool might then e.g. be used on a MitM message reencryption
> > gateway: the old machines still send messages with old
> > (deprecated/legacy options), they are
On 22/05/18 10:44, Fiedler Roman wrote:
> Such a tool might then e.g. be used on a MitM message reencryption
> gateway: the old machines still send messages with old
> (deprecated/legacy options), they are transformed by "gpg-archive":
> The full data (old message, old decrypt report, reencrypted
Hello list,
I failed to decide, which message would be the best to reply to, so I took one
with a title, rational humanists could be proud of. Ignoring the title, many of
the messages had valid arguments for both sides. From my point of view the main
difference seems to be, what is believed to
Guys, especially in the wake of Efail, *please* stop sending HTML mail
to the list.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
ng as these versions are still being archived (which is reasonable for the
forseeable future), they should have no problems.
So,
to put in a vote for RJH,
“Break backwards compatibility already: it’s time. Ignore the haters. I trust
you.”
vedaal
___
Gnup
On 05/21/2018 03:38 PM, Mark Rousell wrote:
> On 22/05/2018 02:16, Mauricio Tavares wrote:
>> Stupid question: what is wrong with a "encrypt/decrypt old
>> format" flag/config option? If I have the need to use old stuff, I can
>> turn that on. All I see here is a "do not open old stuff" as a
On 22/05/2018 02:16, Mauricio Tavares wrote:
> Stupid question: what is wrong with a "encrypt/decrypt old
> format" flag/config option? If I have the need to use old stuff, I can
> turn that on. All I see here is a "do not open old stuff" as a default
> setting which should solve most
On 22/05/2018 02:47, Mirimir wrote:
>
> But OK. The point here is not to expect that you can open such archives
> in an email client with Internet access, which is also receiving new
> email. Because that makes it vulnerable to Efail and follow-ons.
I agree.
> So put
> the archives in an
On 05/21/2018 02:41 PM, Mirimir wrote:
> Yes, "accepting new emails with old crypto" is the problem. But Efail
> relies on cyphertext embedded in URLs, which won't unauthenticate.
Damn copypasta :( Please make that:
> Yes, "accepting new emails with old crypto" is the problem. But Efail
>
On 05/21/2018 02:06 PM, Mark Rousell wrote:
> On 21/05/2018 23:17, Mirimir wrote:
>> On 05/21/2018 02:06 AM, Ed Kellett wrote:
>>
>>
>>
>>> Maybe they just want to be able to read emails that they received a long
>>> time ago?
>> So decrypt them all into a ramdisk, tar, and encrypt with GnuPG. Or
to say:
>>
>> Break backwards compatibility already: it’s time. Ignore the haters. I
>> trust you! :)
>>
> One of the problems with Windows is that they preserved the backwards
> compatibility for far too long, so they could never clean it up enough
> to make it any g
On 05/21/2018 02:06 AM, Ed Kellett wrote:
> On 2018-05-21 09:56, Andrew Skretvedt wrote:
>> It seems to me that if the pearl-clutchers who would howl too loudly
>> about breaking backwards compatibility were as concerned as they claim,
>> they would realize that software evolves. But this
On 21/05/2018 23:17, Mirimir wrote:
> On 05/21/2018 02:06 AM, Ed Kellett wrote:
>
>
>
>> Maybe they just want to be able to read emails that they received a long
>> time ago?
> So decrypt them all into a ramdisk, tar, and encrypt with GnuPG. Or put
> it on a backup box with LUKS. Or both.
You
On 21/05/2018 09:56, Andrew Skretvedt wrote:
> I think Efail has shown now that OpenPGP/GnuPG retains the flexibility
> to continue to adapt and maintain a well used and trusted standard for
> private and authenticated data and communications, but it won't
> achieve this if its evolution is
On 21/05/2018 14:06, Ed Kellett wrote:
> I think it's
> a bit unfair to call this "exposing yourself to creeping insecurity". It
> shouldn't ever be dangerous to *read an email* with an up-to-date email
> client, no matter what, because emails shouldn't be able to phone home.
> And the emails
On 05/21/2018 02:06 AM, Ed Kellett wrote:
> Maybe they just want to be able to read emails that they received a long
> time ago?
So decrypt them all into a ramdisk, tar, and encrypt with GnuPG. Or put
it on a backup box with LUKS. Or both.
___
On 2018-05-21 09:56, Andrew Skretvedt wrote:
> It seems to me that if the pearl-clutchers who would howl too loudly
> about breaking backwards compatibility were as concerned as they claim,
> they would realize that software evolves. But this evolution doesn't
> eradicate its past. GnuPG is open
“Break backwards compatibility already: it’s time. Ignore the haters. I
trust you.”
+1
Efail caused me to run across the criticism that Moxie Marlinespike
wrote about GnuPG/OpenPGP in early 2015.
https://moxie.org/blog/gpg-and-me/
It felt to me that without naming it, he'd focused
On 05/20/2018 08:51 PM, Jeremy Davis wrote:
> I just read the awesome article "Efail: A Postmortem" by Robert Hansen.
>
> Thanks for this Robert. Great work!
>
> As suggested by Robert, I've signed up to say:
>
> Break backwards compatibility already: it’s time. I
I just read the awesome article "Efail: A Postmortem" by Robert Hansen.
Thanks for this Robert. Great work!
As suggested by Robert, I've signed up to say:
Break backwards compatibility already: it’s time. Ignore the haters. I
trust you! :)
Chee
21 matches
Mail list logo
