[pkg-gnupg-maint] What do we do about GnuPG 1.4 in debian?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Apr 30 19:15:34 BST 2022
On Sat 2022-04-30 11:53:43 +0200, Davide Prina wrote:
> So if I have, for example, old e-mails encrypted with this old and no more
> supported ciphers I will not be able anymore to read the content if I
> don't install manually an old and unmaintained package (if I will be able
> to do that... dependencies also can be unavailable or uninstallable)...
> is that correct?
dealing with legacy archived encrypted data is definitely a potential
problem. I see two ways of doing this:
- Decrypt the data in one shot, using legacy tools, and store it in
cleartext form for future access.
- Decrypt the legacy PKESKs to retrieve the session keys, and store
them separately alongside your modern secret key material. Modern
implementations can use the session keys to decrypt the symmetric
data without bothering with the legacy PKESKs.
> Naturally this is a general problem not Debian specific.
Yep, agreed.
-dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/attachments/20220430/5fa0b17c/attachment-0003.sig>
More information about the pkg-gnupg-maint
mailing list