gpg4win expired code signing cert; please renew.

[Robert J. Hansen]

> The demise of pre-quantum crypto is likely within our lifetimes

You, maybe. I'm unlikely to see 2055, at which point I'd be 105.

> and there is much sensitive info we may have encrypted which is
> permanently sensitive.

I'm going to go out on a limb and say this is bunkum. Go out and buy a
copy of Chuck Hansen's[1] _Swords of Armageddon_ or John Coster-Mullen's
_Atom Bombs_, both of which openly publish details of nuclear weapon
manufacture that, at the time of their writing, the government would
have literally killed to keep secret.

I really doubt you're dealing with secrets more sensitive than radiation
implosion.

> So it's not that extreme position to say move to PQC algorithms as 
> soon as possible.

That's not what have@ wrote. He wrote that everyone needed to migrate
immediately. ("Yesterday," in fact, was the word he used.)

That's an extreme position, and a thoroughly silly one.

> In this case we're stuck encrypting the data with a 3-layer
> sandwitch

Please don't. This is one of the most amateurish mistakes to make in
cryptographic engineering.



[1] No relation to me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251016/bfe9e406/attachment.sig>