On Fri, Mar 13, 2015 at 6:30 PM, Falcon Darkstar Momot
<falcon(_at_)iridiumlinux(_dot_)org> wrote:
Yes, I can get behind that. Make it so! Users should be presented with
secure defaults and not given the opportunity to unknowingly decrease
security. Deprecating lower-security but equivalently performant
algorithms is especially commendable.
That said, archived encrypted data may require decryption support well
into the future. OpenPGP-encrypted data is not ephemeral like
TLS-encrypted data.
I agree: But note that it's possible to run, for example, programs
written for the Symbolics Lisp machine (c. 1982) on your Macbook Pro
today: https://github.com/ynniv/opengenera
And older versions of GnuPG are certainly still buildable! (As, I
anticipate, older versions of any extension will be.)
W.r.t. long-term storage of messages, however, I tend to think that
storing them in their wire format is exactly the wrong thing to do. If
you don't discard wire-format messages, you don't get PFS, even using
ephemeral-static ECDH.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp