Multiple issues in GPG documentation
Borden
borden_c at tutanota.com
Sat Sep 13 18:01:35 CEST 2025
> Some services still support legacy ciphers for backwards comparability.
>
This is a distraction to my original e-mail, but I was referring to how some SSH servers don't support ECC so I need to use RSA. GPG deprecates weak ciphers, anyhow (right?), so I'm unclear on what relevance it has to GPG.
> I think that is a bit technical for an FAQ. Quantum computing is still an active field of research, and it will likely be quite some time before current algorithms are broken.
>
If we added a FAQ to the effect of:
"Is GPG quantum secure?
"Although there are currently no known quantum computers or attacks that can crack the cyphers used in GPG, quantum computers could theoretically drastically shorten brute force attacks against algorithms X, Y, & Z that would make them crackable.
"Algorithms A, B & C (if any) used in GPG are not known to be vulnerable to these sorts of attacks."
... I don't think that would be any more technical than the existing FAQ documentation. We don't need to go into the theory of superposition to provide useful information.
> Camellia is a symmetric cipher so you would not use it to create a key.
>
Understood. Since I haven't used GPG to encrypt anything directly, that would explain why it hasn't been offered to me.
More information about the Gnupg-users
mailing list