ECC code now in GnuPG master
Werner Koch
wk at gnupg.org
Thu Feb 3 21:16:16 CET 2011
On Thu, 3 Feb 2011 19:27, calestyo at scientia.net said:
> So this is now already the "main" 2.1 tree or a copy of that one?
master; currently known as 2.1/
> Do we have already any expectations when the ID goes RFC?
No idea. However the (former) WG already accepted this draft. I guess
it is up to Andrey to proceed with the RFC process.
> What are the suggested key sizes, ... and which are supported by gpg?
The default is 256, which uses the NIST P-256 curve. Other supported
curves are NIST P-384 and NIST P-521. We could also add other curves as
long as an OID is available and a user interface is written. However, I
believe that proliferation of curves is a bad idea. In contrast to RSA
key sizes, the application needs to know the curve parameters as they
are not part of the key.
> Is there already an audit planned? Who will do it?
I will for sure look over the code again but I was more thinking of an
independent audit.
> And are there any other implementations having ECC?
AFAICR, Andrey once wrote the support for the PGP SDK; I have no
information about what happened to it at Symantec.
> Is there a list of things which may not work (if any)?
> E.g. things like, can you sign RSA/DSA keys with an ECC key, etc. pp.
It is part of OpenPGP and there are no restrictions except for the key
capabilities; i.e. like Elgamal you can't use ECDH for the primary key.
Salam-Shalom,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
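
An added illustration of the point that a curve is identified only by its OID and the application must already know it (this is not code from GnuPG or from the message above). It assumes the key encoding of the OpenPGP ECC specification, later published as RFC 6637: one length octet, the OID octets, then the uncompressed point as an MPI. The function names are hypothetical.

```python
# Added example. The table holds the three curves named in the message; a real
# implementation would also keep each curve's parameters here, since the key
# itself carries only the OID and the public point.
SUPPORTED_CURVES = {
    "1.2.840.10045.3.1.7": ("NIST P-256", 256),
    "1.3.132.0.34": ("NIST P-384", 384),
    "1.3.132.0.35": ("NIST P-521", 521),
}

def decode_oid(body: bytes) -> str:
    """Decode the content octets of a DER OBJECT IDENTIFIER to dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("truncated OID")
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:          # high bit clear: last octet of this arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)     # first two arcs share one encoded value
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_curve_field(data: bytes):
    """Parse <1-octet length><OID octets><2-octet MPI bit count><point>."""
    if not data:
        raise ValueError("empty key material")
    oid_len = data[0]
    if oid_len in (0x00, 0xFF) or len(data) < 1 + oid_len + 2:
        raise ValueError("bad OID length")
    oid = decode_oid(data[1:1 + oid_len])
    if oid not in SUPPORTED_CURVES:   # allow-list: unknown curves are refused
        raise ValueError(f"unsupported curve OID {oid}")
    name, bits = SUPPORTED_CURVES[oid]
    rest = data[1 + oid_len:]
    mpi_bits = int.from_bytes(rest[:2], "big")
    point = rest[2:2 + (mpi_bits + 7) // 8]
    coord = (bits + 7) // 8           # octets per coordinate for this curve
    # Uncompressed point: 0x04 || X || Y, each coordinate padded to field size.
    if len(point) != 1 + 2 * coord or point[0] != 0x04:
        raise ValueError(f"point encoding does not match {name}")
    x = int.from_bytes(point[1:1 + coord], "big")
    y = int.from_bytes(point[1 + coord:], "big")
    return name, x, y
```

This checks only the encoding; confirming that the point satisfies the curve equation needs the curve parameters, which is the reason they have to be known to the application.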