From 2b32eb15aac8cde4144243a67bd4f27f724bc78b Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 25 Jun 2012 16:27:04 +0200 Subject: gpg: Disallow the use of v3 keys. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * g10/gpg.c: Add options --allow-v3-keys and --no-allow-v3-keys. (main): Enable --allow-v3-keys in --pgp2 mode. * g10/options.h (opt): Add field allow_v3_keys. * g10/import.c (delete_v3_subkeys): New. (import_one): Skip v3 keys and delete v3 subkeys. (import_print_stats): Print stats on v3 keys and subkeys. * g10/getkey.c (finish_lookup): Skip v3 keys. -- This is a first take on disabling v3 keys. We may need to add some tweaks to make decryption using an existing v3 key easier. There is no need to disallow decryption. Thanks to Georgi Guninski to put some pressure on us to finally do what PGP 2 folks will probably don’t like. See the discussion on gnupg-devel starting 2012-06-22. --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'NEWS') diff --git a/NEWS b/NEWS index a8352ca53..521ccf9aa 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,10 @@ Noteworthy changes in version 2.1.0beta4 (unreleased) * The hash algorithm is now printed for sig records in key listings. + * GPG does not anymore allow the use of the long deprecated v3 keys + (PGP 2 keys). The new option --allow-v3-keys can be used to + exceptionally allow them. + Noteworthy changes in version 2.1.0beta3 (2011-12-20) ----------------------------------------------------- -- cgit v1.2.3