v3 subkeys and signatures
David Shaw
dshaw at jabberwocky.com
Sat Jun 23 04:51:25 CEST 2012
On Jun 22, 2012, at 1:33 PM, Werner Koch <wk at gnupg.org> wrote:
> On Fri, 22 Jun 2012 18:40, dshaw at JABBERWOCKY.COM said:
>
>> ("....MAY accept or reject them as it sees fit.") so that's fine. I'd
>> have it ignore V3 keys by default (while still allowing decryption),
>> but allow users to turn full V3 use back on if they must.
>
> I fully agree. We always provided compatibility switches. What do you
> think? Shall we use the --pgp2 option for this as well, or shall we add
> another one?
Hmm. I think a new option for this, which --pgp2 would also set. The reason is that if someone has to use a v3 key (either wisely or not) it seems better to not force them to take the algorithm restrictions like MD5 that come along with --pgp2.
David
More information about the Gnupg-devel
mailing list