Should one really disable AEAD for recent GnuPG created PGP keys?
Apparently, there are some problems with the new defaults that are set when one creates a PGP key using a recent version of GnuPG (2.4).
I ran into this after generating a new ECC/ED25519 key to replace my "old" RSA one. The problem showed up when I re-encrypted my pass password store passwords with the new key: After transferring the key to my Android phone and importing it into OpenKeychain, I could not decrypt any passwords anymore.
After some research, I found https://github.com/open-keychain/open-keychain/issues/2886, describing this exact issue. As a possible fix, disabling the unsupported AEAD mechanism in the key itself was mentioned.
I'm not that deep into cryptography. I'm not sure I completely grasp what AEAD and OCB mean.
So: Is it wise and/or necessary to disable that for new GnuPG generated keys, for the sake of interoperability? Or will the others catch up and implement it? Or is there a good reason not to do so? Should one keep using legacy RSA keys? Is it too early to switch to more modern ones?
