> What are the issues with v5 signatures?
As referenced earlier in this thread, please refer to
https://github.com/crypto-security-tools/OpenPGP-LibrePGP-comparison/
for a technical and governance comparison of the specs.
The main issues that you will find these days (imo) are that v5 is a
format that is exclusively governed by GnuPG. As such it has limited
support in other implementations, is not an OpenPGP format, and has
dropped its stated goal of becoming such.
If this is something that works for you, or you are bound to using GnuPG
regardless, the technical issues are probably not significant as a
deciding factor.
> [*sigh*]
Everyone please note that this is a *hugely* complicated topic, with
many actors, years, technical complexities, and clashes of personal
sensitivities involved. As such, it is difficult to explain in any
amount of written text to folks watching from the sidelines.
Some may find this "after the dust settled" blog post from GnuPG on the
matter enlightening:
https://www.gnupg.org/blog/20250117-aheinecke-on-sequoia.html
Cheers
- V
On 9/15/25 04:28, Jacob Bachmeyer via Gnupg-devel wrote:
On 9/14/25 02:27, Andrew Gallagher via Gnupg-devel wrote:
[...] A few other implementations had support for v5 keys since before the
schism, but all except gnupg agreed to move to v6 once the issues with v5
signatures became known.
[*sigh*]
What are the issues with v5 signatures?
-- Jacob
_______________________________________________
Gnupg-devel mailing list
[email protected]
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
_______________________________________________
Gnupg-devel mailing list
[email protected]
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
