Importing ed25519 subkeys from SKS < 1.1.6

Werner Koch wk at
Wed Sep 6 23:33:18 CEST 2017


while doing a presentation which includes showing the effect of
--auto-key-retrieve, I got hit by a

  gpg: key F2AD85AC1E42B367: rejected by import screener

That is my own key!  Here I tried to verify a signature made with my
ed25519 subkey.  gpg then asked the keyserver to return the key for that
subkey by sending this to dirmngr:

 KS_GET --quick -- 0xD7FFC063B40A2294B966DB47FF80AE9D1DEC358D

The keyserver (SKS 1.1.5) returned the corresponding main key


including all of the RSA and DSA subkeys.  But not the original
requested ed25519 key.  It seems SKS 1.1.5 partly supports ed25519 keys
but for example does not return them.

Hopefully the remaining SKS 1.1.5 installations will soon update to
1.1.6 which does not have this problem.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170906/1a89348d/attachment.sig>

More information about the Gnupg-devel mailing list