RSA key size restriction?

David Shaw dshaw at
Sun Dec 14 19:00:08 CET 2003

Hash: SHA1

On Thu, Dec 11, 2003 at 10:57:10PM +0100, Johan Wevers wrote:
> David Shaw wrote:
> >> Hmm. I wonder how many of those keys were actually generated by GnuPG
> >> and how many were made by certain hacked versions of PGP.
> >Yes, but before the key was generated, they had to agree to:
> >  The use of this algorithm is only supported by GnuPG.
> Doesn't pgp 5.0i for Unix support this? I remember having generated a
> key:
> sec   1024D/624B3B3E 1999-10-26 Johan Wevers <johanw at>
> uid                             Johan Wevers <johanw at>
> ssb   3072g/1B240FEE 1999-10-26
> where gpg complained about insecure key type, once with this version (that,
> BTW, has a RNG bug that compromises security), but I already had it revoked
> for another reason before this GnuPG bug was discovered (the key was already
> possibly compromised, even without faulty signatures).

If I recall, there was a version of PGP that did allow using Elgamal
keys for signatures, but it used the Elgamal encrypt-only keytype to
do it.  There was some uncertainty back then - PGP 5.0 came out nearly
a year before RFC-2440.

Version: GnuPG v1.2.4rc1 (GNU/Linux)
Comment: Key available at


More information about the Gnupg-users mailing list