Old ElGamal keys

Werner Koch wk at isil.d.shuttle.de
Thu Dec 10 12:36:13 CET 1998


I have changed the export command, so that old keys (ElGamal used for
signing and encryption) are not anymore exported.  The old command
will still be available as --export-all.  The reason for this is that
these keys are not compatible to RFC2440; however I don't intend to
remove the support completely, so that those old keys may still be
used.  Key generation of those old keys will be disabled because there
is no real advantage, as we don't have a large enough hash for
signature keys with a length > 1024.

I suggest that users of old keys switch to the new standard
DSA/ElGamal keys.  Users in France and Russia might want to create only 
the DSA key so they don't get in conflict with their laws - but of
course, this is up to you. 

I believe it is better to go with a standard.


More information about the Gnupg-devel mailing list