Apparently, there are some problems with the new defaults that are set when one creates a PGP key using a recent version of GnuPG (2.4).
I ran into this after generating a new ECC/ED25519 key to replace my "old" RSA one. The problem showed up when I re-encrypted my pass password store passwords with the new key: After transferring the key to my Android phone and importing it into OpenKeychain, I could not decrypt any passwords anymore.
After some research, I found https://github.com/open-keychain/open-keychain/issues/2886, describing this exact issue. As a possible fix, disabling the unsupported AEAD mechanism in the key itself was mentioned.
I'm not that deep into cryptography. I'm not sure I completely grasp what AEAD and OCB mean.
So: Is it wise and/or necessary to disable that for new GnuPG generated keys, for the sake of interoperability? Or will the others catch up and implement it? Or is there a good reason not to do so? Should one keep using legacy RSA keys? Is it too early to switch to more modern ones?
Thanks to all cryptography experts for all clarification!
