There is no crisis here. Everybody can just keep using the existing standard and everything will work. It turns out that the existing stuff is actually cryptographically secure.
So far the only practical incompatibility I have seen seems to be associated with the GnuPG OCB cipher mode. Newer versions of GnuPG generate keys that show OCB compatibility. So encrypting messages/files to that particular PGP identity will result in the use of the non-backwards compatible OCB mode. That will prevent a non GPG OCB compatible from decrypting the message/file. The GnuPG project should document the issue and make it clear how one could disable the GPG OCB mode.
You've been saying for years on Hacker News that (a) authenticated encryption is overrated, and (b) that the PGP MDC is as secure as an authenticated cipher mode.
Specifically, I have been saying that in normal PGP usage, the PGP MDC is not relevant. Since each message is self contained (no ongoing connection), it is better to authenticate the plaintext directly with a signature. For an unsigned message an attacker can replace the whole thing. For the case of symmetrical encryption, the PGP MDC is relevant. So it depends...
>the PGP MDC is as secure as an authenticated cipher mode.
It is. It turns out there is a class of authenticated encryption that involves first hashing the plaintext and then encrypting the plaintext and the hash. OCFB-MDC seems to be an instance of that class. That seems to defy conventional wisdom and as a result is interesting.
So far the only practical incompatibility I have seen seems to be associated with the GnuPG OCB cipher mode. Newer versions of GnuPG generate keys that show OCB compatibility. So encrypting messages/files to that particular PGP identity will result in the use of the non-backwards compatible OCB mode. That will prevent a non GPG OCB compatible from decrypting the message/file. The GnuPG project should document the issue and make it clear how one could disable the GPG OCB mode.