ECC code now in GnuPG master

Werner Koch wk at
Thu Feb 3 21:16:16 CET 2011

On Thu,  3 Feb 2011 19:27, calestyo at said:

> So this is now already the "main" 2.1 tree or a copy of that one?

master; currently known as 2.1/

> Do we have already any expectations when the ID goes RFC?

No idea.  However the (former) WG already accepted this draft.  I guess
it is up to Andrey to proceed with the RFC process.

> What's the suggested keysizes,... and which are supported by gpg?

The default is 256, which uses the NIST P-256 curve.  Other supported
curves are NIST P-384 and NIST P-521.  We could also add other curves as
long as an OID is available and a user interface is written.  However, I
believe that proliferation of curves is a bad idea.  In contrast to RSA
key sizes, the application needs to know the curve parameters as they
are not part of the key.

> Is there already an audit planned? Who will do it?

I will for sure look over the code again but I was more thinking of an
independent audit.

> And are there any other implementations having ECC?

AFAICR, Andrey once wrote the support for the PGP SDK; I have no
information what happened to it at Symantec.

> Is there a list of things which may not work (if any)?
> E.g. things like, can you sign RSA/DSA keys with an ECC key, etc. pp.

It is part of OpenPGP and there are no restrictions except for the key
capabilities; i.e. like Elgamal you can't use ECDH for the primary key.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list