Where is ECC in gpg2 (specifically gnupg-2.0.21

Nicholas Cole nicholas.cole at gmail.com
Wed Sep 18 10:54:59 CEST 2013

On Wed, Sep 18, 2013 at 9:33 AM, Josef Schneider <josef at netpage.dk> wrote:
> On Wed, Sep 18, 2013 at 9:06 AM, Werner Koch <wk at gnupg.org> wrote:
>> The standard already allows for all kind of curses.  They are specified
>> by an OID and I offered DJB to assign OIDs from the GnuPG arc.  The
>> original reason why I wanted an OID based design is so that it will be
>> possible to use Brainpool curves which are preferred by some European
>> institutions.  I rejected the idea to make them the default in GnuPG to
>> support better interoperability but also told people that we change the
>> default as soon as we see people are using other curves.  Meanwhile I
>> don't think that we need a pool to settle on a different default.
> Is there a way to say someone should under no circumstances send a
> message to me that is encrypted with a NIST curve?
> Even if that means, that he can't find a encryption for the message?

If I understand correctly, the curve is used to create the
Public/Private Keypair.  So GPG probably needs to display clearly (in
the --with-colons output and in the user-facing output) the curve used
to create the key (if that is possible) so that people can make a
judgement about that kind of thing when they certify keys -- assuming
it matters to them.  Or have I got that wrong?


More information about the Gnupg-users mailing list