Justus Winter <jus...@sequoia-pgp.org> writes:

> Petter Reinholdtsen <p...@hungry.com> writes:
>
>> [Justus Winter]
>>> GnuPG no longer tracks OpenPGP, but something they call LibrePGP.  If
>>> you look closely at a certificate created from it, you can see some
>>> troubling divergences already.  For example, this is from one created
>>> by GnuPG 2.4.4:
>>
>> Thank you for the details.  I found <URL: https://librepgp.org/ > which
>> explain their rationale.  Seem to be quite a split in world view in
>> place here.
>
> Yes, that is what the media has dubbed "the SCHISM",
> e.g. https://lwn.net/Articles/953797/
>
> I played around with GnuPG 2.4.4, and it is easy to accidentally create
> an out-of-spec cert with it:

To be fair, the spec is available, isn't it?  It just isn't OpenPGP.

> % gpg --export 
> F3AE83A58BD3B8981C8F0AECC5AD7DC02CFAB1F1F14D7998FF87244ADDE1B6C1 | sq toolbox 
> packet dump --hex
> Unknown or Unsupported Packet, old CTB, 2 header bytes + 73 bytes

Looks like a feature request on the 'sq' tool to support this packet
type would be useful.

/Simon

Attachment: signature.asc
Description: PGP signature

Reply via email to