On 6/22/2012 1:44 PM, ved...@nym.hush.com wrote: > As you mentioned earlier, the v3 people have an entrenched user- > base, and are hardly novices, and 'for them', listing the keysize > with the fingerprint, really is trivial.
If people want to keep using PGP 2.6, let them, but I'm not going to help them do it. If people want an emergency stopgap while they migrate to OpenPGP, I'll happily help. Unfortunately, at this point essentially all the people who would migrate have already migrated. PGP 2.6 is dead, dead, dead, dead, dead, dead, dead, dead, dead, dead. PGP 2.6 is highly dependent on MD5, for which *we have already seen in-the-wild signature forgeries*. That deserves to be underlined and highlighted and carved in twelve-foot-high flaming letters. Anyone using PGP 2.6 today is either in resolute denial of the facts or totally clueless. For this reason, I have no interest in helping out PGP 2.6 users. If they really want to migrate to OpenPGP, then yes, let's do what we can to help in the migration. But anything that lets them continue to stick their heads in the sand and deny reality is -- well, without passing moral judgment on that, I have zero interest in helping. Were it up to me, PGP 2.6 support in GnuPG would be reduced to read-only. So be thankful Werner isn't paying attention to my preferences. :) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users