On Tue, 30 Jun 2020 00:55, Johan Wevers said: >> Do not use 1.4 unless you have to decrypt old non-MDC protected data or >> data encrypted to a legacy v3 key. > > Do not break backwards compatibility if you want all people to upgrade.
Do not update so that the bad guys can exploit your legacy software ;-) There are well documented reasons what we don't support MDC and PGP3 keys anymore - it was complex to support and virtually impossible to make sure that the message has not been tampered with. See the discussion around EFFail of MUAs using gpg in a brittle and insecure way. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users