| > the new standard is a complete rewrite of the old one. they are not even compatible anymore. My honest first reaction to this statement would get me permabanned from this site, so here’s the polite version: This is nonsense on stilts. It is so ill-informed and baseless I struggle to understand how anyone who has read the RFCs in question could possibly come to this conclusion. It is hooey. > things the old standard used to support are not supported in the new standard. Aside from deprecating some ancient cryptographic algorithms that nobody uses any more, everything from RFC4880 is in RFC9580. Can you point out a concrete example of something (non-obsolete!) that is missing? > that makes any implementation of the new standard incompatible with implementations of the old one. That is news to every openpgp implementation other than gnupg, which have happily implemented both. Even RNP have it in a feature branch somewhere. > (source: i talked to a GnuPG developer) Which one? When? It would genuinely help if they would go on the record. I strongly suspect their actual opinion would differ from what you’ve reported here. There’s enough hearsay nonsense about the schism floating around the internet as it is, without adding to it. |
i hope you'll notice this reply and get a chance to read it.