On Sat 2022-04-30 11:53:43 +0200, Davide Prina wrote: > So if I have, for example, old e-mails encrypted with this old and no more > supported ciphers I will not be able anymore to read the content if I > don't install manually an old and unmaintained package (if I will be able > to do that... dependencies also can be unavailable or uninstallable)... > is that correct? dealing with legacy archived encrypted data is definitely a potential problem. I see two ways of doing this: - Decrypt the data in one shot, using legacy tools, and store it in cleartext form for future access. - Decrypt the legacy PKESKs to retrieve the session keys, and store them separately alongside your modern secret key material. Modern implementations can use the session keys to decrypt the symmetric data without bothering with the legacy PKESKs. > Naturally this is a general problem not Debian specific. Yep, agreed. -dkg
Attachment:
signature.asc
Description: PGP signature