GnuPG 2 does not import older keys with RSA-E and RSA-S anymore

Bernhard Reiter bernhard at
Tue Sep 22 14:36:00 CEST 2009

Am Montag, 21. September 2009 10:15:05 schrieb Werner Koch:
> On Wed, 16 Sep 2009 11:50, bernhard at said:
> > following algorithms anymore:    
> >       2          - RSA Encrypt-Only [HAC]
> >       3          - RSA Sign-Only [HAC]
> > rfc4880 notes:
> >    Encrypt-Only (2) and RSA Sign-Only are deprecated and SHOULD NOT be
> >    generated, but may be interpreted.
> I have not seen such keys for years.  Software used to create such keys
> most likely also used MD5 as a hash algorithm and thus these keys should
> be considered broken.

Wouldn't it better to say so then instead of "unknown"?
I've created the following issue about it:

Managing Director - Owner:       (Free Software Company)
Germany Coordinator: Coordinator:
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090922/5c87c6cb/attachment.pgp>

More information about the Gnupg-devel mailing list