GnuPG 2.4.4 still using legacy packets?
Andrew Gallagher
andrewg at andrewg.com
Thu Nov 13 15:42:37 CET 2025
On 13/11/2025 12:35, Jakob Bohm via Gnupg-users wrote:
>
> 1. Since what version and year does gnupg accept the new framing of
> packets that it can also accept with old framing? This controls when
> senders will be able to use the new framing by default.
I believe gnupg has always supported the new framing - it was defined in
the first OpenPGP spec (RFC2440) in 1998, and gnupg 1.0 was released in
September 1999.
> 2. Since what year do all then-and-later commonly distributed OpenPGP
> implementations accept the new framing of packets that gnupg can send
> with old framing? This controls when gnupg will be able to send the new
> framing by default.
AIUI the only code that cannot understand the new framing is in
pre-OpenPGP versions of commercial PGP. PGP5 had partial support for the
new framing, but note that PGP5 was incomplete in many other areas; for
example it only had partial support for V4 signatures and its OPS
handling was buggy. See Section 14 of RFC2440 for a list of caveats:
https://datatracker.ietf.org/doc/html/rfc2440#section-14
Basically, if you are still using a version of commercial PGP that can't
handle modern packet framing, that's the *least* of your problems.
> 3. If either of the above questions are answered by "recent" (for
> enterprise-frozen values of "recent"), should gnupg add options to
> specify that the recipient follows a newer spec, such as rfc-4880, and
> can thus decode the new framing of old packet types and can also handle
> the new packet types introduced by that "newer spec"? Such an option
> might be named --rfc4880plus or --no-rfc2440 (meaning don't implicitly
> trigger option --rfc2440, but be careful not to create a contradictory
> corner case where --rfc2440 is not the exact negative of --no-rfc2440).
Note that it was RFC2440 (1998) that specified modern packet framing
even for existing features; RFC4880 was the first spec that introduced
new features with a *requirement* for the modern framing. All
OpenPGP-compatible software SHOULD therefore accept the modern framing.
A
More information about the Gnupg-users
mailing list