After updating my Tumbleweed system last week, I noticed that something had changed with “gpg”. Or, more explicitly, “gpg” was not working at all. This was immediately noticeable, because I had configured “kdewallet” to use “gpg” for encryption.
Okay, that’s a bug. It will presumably be fixed before opensuse 13.3 is released. For now, I had to find out what was up and how to work around the problem.
The specific Tumbleweed change was an update of gpg from version 2.1.0 to 2.1.1. The major change was already there in 2.1.0, but I had not noticed it because everything that I was doing still worked. The 2.1.1 update broke that.
The specific change was to remove support for old pgp2 keys. These are the type of key introduced with pgp2 in the early 1990s. They use RSA (for the public key encryption) and the md5 digest algorithm for hashing. These days, the md5 hash is considered too weak.