[pkg-gnupg-maint] Upgrading sid to 2.2.42?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Feb 6 14:14:42 GMT 2024
Hi Andreas--
On Sat 2024-02-03 09:06:44 +0100, Andreas Metzler wrote:
> any thoughts on a upgrade to 2.2.42? It seems to be straightforward in
> my local test.
Thanks for looking into this!
I think it's probably a good idea to consider that upload, not least
because it'd be good to prepare for 2.2.43, but i'm also a bit wary
about what advertisements are placed in the default new OpenPGP key
generation.
For example, we're already seeing unreadable mail in Thunderbird because
it imports OpenPGP certificates that were generated by GnuPG advertising
support for features that the version of RNP shipped in Thunderbird
couldn't decrypt:
https://bugzilla.mozilla.org/show_bug.cgi?id=1874715
Arguably, this is a bug in Thunderbird, but as Thunderbird is a major
consumer of material produced by GnuPG, it'd be nice to not trigger more
widespread problems like this until Thunderbird has sorted out the
problem.
It looks to me like a545e14e8a74453a3110e32533af8858f88492be at least
adds such an advertisement on new key generation. However, I haven't
tested what the default key generation process produces, or whether any
new feature advertisements are added during, say, re-signing.
If the default new key generation doesn't have the additional
advertisements, it seems reasonable to just go ahead with an upload to
unstable. if the default new key generation adds advertisements that
are likely to cause unreadable messages to be delivered to Thunderbird,
maybe we can adjust with a patch?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/attachments/20240206/ba0a4261/attachment.sig>
More information about the pkg-gnupg-maint
mailing list