On Fri, Jan 2, 2026 at 10:44 AM Neal Gompa <[email protected]> wrote:
> Fabio and I were discussing this in Matrix earlier this week, and I > think this is a problem that's only going to continue to get worse. For others who want to review some (including opinionated) 3rd party writings, here are a few: https://lwn.net/Articles/953797/ https://articles.59.ca/doku.php?id=pgpfan:schism https://librepgp.org/ https://blog.pgpkeys.eu/critique-critique.html https://articles.59.ca/doku.php?id=pgpfan:interop > So, what *should* we do, and what *can* we do? Well, it appears we are damned if we do, and damned if we don't, we just need to pick what Fedora believes is the least damned [0]. While the IETF has it's issues (FD: I have even attended a very few IETF meetings in person (although not crypto related), and they were, um, "interesting"), I think we should likely follow the IETF's OpenPGP standard(s), as RFCs are the basis of much of the interoperability that we depend on. If that requires additional effort to get less wrong, then we most likely need to do that work. I have not followed the other major distros (including, perhaps importantly, a major Enterprise Linux's planning processes for ELnext). Do we have any indications as to what they are doing or planning? [0] With the only difference as to the number of foot holes, with zero being an unlikely number?). -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
