On Mon, 6 May 2024 12:37, Heiko Schäfer said: > to spend very many person years in the IETF process, just to make the > OpenPGP standard worse? That does not sound like a very plausible
It took only a few month to destroy all work done in the 6 years before. See our timeline over at http://librepgp.org/#timeline . In short: I started the update of OpenPGP in 2015, the WG agreed 2018 on everything in 4880bis, a few people started some bike shedding which required another 3 years to solve. Right after that in fall 2021, a small group started to entirely rework everything. In fact, Proton (who don't really do E2E) introduced GCM as an additional encryption mode and thus large changes to the protocol were required. Nobody except them needs or wants that brittle GCM anyway. All comments from the major implementers (GnuPG and RNP) were either ignored or as insubstantial rejected. Pretty please: Stop discussing this here. We spent way to much time with that IETF group's behaviour. That group does not consider working and deployed code as important but prefers a dev-ops strategy. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
