>> It's entirely too common for obsolete encryption options that are
>> kept for "compatibility" end up being a vector for compromise, and
>> entirely reasonable to remove such options in order to provide the
>> most secure and maintainable tool for the vast majority of users.
> That's the attitude of authoritarian software: "my software is smarter
> than you".
I think the reality is a bit more subtle ;-)
In most cases, the real driver is a desire to keep the code simple and
to ease maintenance. Removal of old, little used, and largely untested
functionality is part of what can be done for that.
>> If you want ancient crypto options, just run an ancient binary.
>> They're very easy to find in archive.debian.org.
> They're not as easy to run as soon as they start being outrun by
> their dependencie's versions, and you perfectly know that.
My experience running old Debian packages of Emacs under Debian testing
is not that bad. Also, I think that if it's hard to do, it can be
blamed on Debian's package management (which should move towards
something more like NixOS to solve those problems).
Stefan
