GnuPG ElGamal Signing Key
David Shaw
dshaw at jabberwocky.com
Wed Sep 17 06:15:21 CEST 2008
On Sep 16, 2008, at 11:03 PM, Kevin Hilton wrote:
> Although you would have to go to lengths to create an ElGamal signing
> key (rather than a DSA or RSA key), is use of an ElGamal signing key
> still considered to be bad behaivor? The last article I read from
> 2003 suggested ElGamal signing keys (strictly different than ElGamal
> encryption keys) had been compromised:
>
> http://silverstr.ufies.org/blog/archives/000415.html
There was a bug in the Elgamal signing key code in GPG back then.
There is no longer a bug... and there is also no longer Elgamal
signing key code. Elgamal signing keys were dropped from the OpenPGP
standard in RFC-4880, and so will not be supported in GPG.
> As a side note, are there any other possible algorithms that may be
> used to generate a signing key other than DSA/RSA/ElGamal.
Yes, but not in OpenPGP.
David
More information about the Gnupg-users
mailing list