Werner Koch <w...@gnupg.org> wrote:
>> Werner Koch <w...@gnupg.org> wrote: > - All support for PGP-2 keys has
>> been removed for security reasons.
>>
>> Does this mean that documents signed decades ago with PGP2 can no
>> longer be verified?
> Right. It is anyway useless because you have to assume that such
> signatures are broken. If you want to decrypt you should have 1.4
I agree that one's confidence in that content should be suspect, but the
value is not zero. I am happy that you have removed the support,
btw. Simpler code is important.
> There is one use case where PGP-2 keys may still be required: For
> existing encrypted data. We suggest to keep a version of GnuPG 1.4
> around which still has support for these keys (it might be required to
> use the `--allow-weak-digest-algos' option). A better solution is to
> re-encrypt the data using a modern key.
Yes, that was idea too -- just use 1.4.
And one can't re-encrypt data signed by another.
In many cases, in my archives, I have email that is clear signed, which was
then encrypted, and stored that way.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
pgpxyAsFJlM_e.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
