GnuPG 2 does not import older keys with RSA-E and RSA-S anymore
Bernhard Reiter
bernhard at intevation.de
Tue Sep 22 14:36:00 CEST 2009
Am Montag, 21. September 2009 10:15:05 schrieb Werner Koch:
> On Wed, 16 Sep 2009 11:50, bernhard at intevation.de said:
> > following algorithms anymore:
> > 2 - RSA Encrypt-Only [HAC]
> > 3 - RSA Sign-Only [HAC]
> > rfc4880 notes:
> > Encrypt-Only (2) and RSA Sign-Only are deprecated and SHOULD NOT be
> > generated, but may be interpreted.
>
> I have not seen such keys for years. Software used to create such keys
> most likely also used MD5 as a hash algorithm and thus these keys should
> be considered broken.
Wouldn't it better to say so then instead of "unknown"?
I've created the following issue about it:
https://bugs.g10code.com/gnupg/issue1139
--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090922/5c87c6cb/attachment.pgp>
More information about the Gnupg-devel
mailing list