On Sat 2022-04-30 11:53:43 +0200, Davide Prina wrote:
> So if I have, for example, old e-mails encrypted with this old and no more
> supported ciphers I will not be able anymore to read the content if I
> don't install manually an old and unmaintained package (if I will be able
> to do that... dependencies also can be unavailable or uninstallable)...
> is that correct?
dealing with legacy archived encrypted data is definitely a potential
problem. I see two ways of doing this:
- Decrypt the data in one shot, using legacy tools, and store it in
cleartext form for future access.
- Decrypt the legacy PKESKs to retrieve the session keys, and store
them separately alongside your modern secret key material. Modern
implementations can use the session keys to decrypt the symmetric
data without bothering with the legacy PKESKs.
> Naturally this is a general problem not Debian specific.
Yep, agreed.
-dkg
Attachment:
signature.asc
Description: PGP signature