decrypt aes256 encrypted file without gpg-agent
Werner Koch
wk at gnupg.org
Tue Jun 30 12:10:40 CEST 2020
On Tue, 30 Jun 2020 00:55, Johan Wevers said:
>> Do not use 1.4 unless you have to decrypt old non-MDC protected data or
>> data encrypted to a legacy v3 key.
>
> Do not break backwards compatibility if you want all people to upgrade.
Do not update so that the bad guys can exploit your legacy software ;-)
There are well documented reasons what we don't support MDC and PGP3
keys anymore - it was complex to support and virtually impossible to
make sure that the message has not been tampered with. See the
discussion around EFFail of MUAs using gpg in a brittle and insecure
way.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200630/5ec6d912/attachment.sig>
More information about the Gnupg-users
mailing list