> I can't offer any conclusive evidence for this, but it is my > honest estimate that more real-world sensitive traffic volume > is generated by 1.4.x than 2.x. Consequently, if 1.4.x is in any > was insecure, this would be of significantly greater benefit to > a whole class of large institutional web-traffic attackers than > if 2.x was insecure. So, if 1.4.x is indeed in any way insecure, > that should merit more serious and immediate attention that if > 2.x was insecure.
The other, and in my opinion much more sensible, course of action would be to migrate all these systems that still use 1.4 to 2.1. Version numbers are like entropy: They only increase, never decrease. Sincerely, Malte _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
