On Mon, Sep 04, 2017 at 08:56:31AM +0200, Remi Collet wrote: > gnupg v2 is a nightmare for "server", I maintain some PHP extensions and > libraries which works perfectly against v1, and not against v2
Would it be ok for you to patch the libraries to use /usr/bin/gpg1 instead? > And, AFAIK, v1 is still maintained. It is on life-support but not properly maintained. GPG2 uses a better file format for private keys that GPG1 does not understand. Therefore GPG2 allows for example to merge GPG subkeys for private keys. If one relies on GPG2. Also the GPG agent for GPG2 seems to be better than the GPG1 agent. AFAIK there is no benefit for anyone to still use GPG1 over GPG2 except for not updating code now. For me it only causes problems when I accidentally use GPG1 instead of GPG2 because the gpg command points to GPG1. Also I remember that there might be issues with GPG signing GIT commits since it defaults to using the gpg command instead of using the gpg2 command. Eventually GPG1 will die anyhow. Also the default library gpgme supports GPG2 correctly and it would be better for code to use GPG via gpgme instead of writing own wrappers as an extension/library anyhow IMHO. Kind regards Till _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
