* alphabeta(_at_)beta2(_dot_)freedom(_dot_)net wrote:
Then there is the issue that if we are changing the packet format, maybe
we should make other changes as well.
There is no need to do so.
Then, if we're changing the secret key packet format, should the public
key packet be changed as well,
There is not connection between the public and the secret key format.
kind of opens a can of worms if we go this way. On the other hand, given
that any new key format won't be backwards-compatible, if there are other
secret-key-specific changes this might be a good time to make them.
I oppose quick changes. OpenPGP needs a deep protocol analysis and a much
easier format. This can't be done in a few weeks.
Our short term solution should be: Encourage the implementors to choose
better storage formats and urge more integrity checks.