Am 20.05.2018 um 08:26 schrieb Robert J. Hansen: > Writing just for myself -- not for GnuPG and not for Enigmail and > definitely not for my employer -- I put together a postmortem on Efail. > You may find it worth reading. You may also not. Your mileage will > probably vary. :) > > https://medium.com/@cipherpunk/efail-a-postmortem-4bef2cea4c08
I don't think breaking backwards-compability is an all-or-nothing question. IMO, it is important to still be able to decrypt old data. On the other hand one wants sane, secure use with current data. The functionality needed to decrpyt old files should still be there. Possibly hidden behind some new option, if that helps security for typical users. If my mail client will no longer be able to display some old encrypted message, that's ok. But I should be still able to read that message by invoking GPG from the command-line with suitable options. Philipp _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
