Where is ECC in gpg2 (specifically gnupg-2.0.21

Werner Koch wk at gnupg.org
Thu Sep 19 19:44:39 CEST 2013

On Wed, 18 Sep 2013 10:54, nicholas.cole at gmail.com said:

> If I understand correctly, the curve is used to create the
> Public/Private Keypair.  So GPG probably needs to display clearly (in

The curve is part of the key.  We have a similar thing in Elgamal and
DSA algorithms, over there we call it domain parameters.  You may use
the same domain parameters for all keypairs or use new ones for every
key (that is what GnuPG does).  Selecting random elliptic curves is a
more time consuming process and thus almost everyone is using one curve
for everything.

> to create the key (if that is possible) so that people can make a
> judgement about that kind of thing when they certify keys -- assuming

If Bobs decides to use NIST curve, why don't you want to send a mail to
him.  It his his decision whether he want to keep stuff confidential.

OTOH, for key signing, the use of certain curves may well be a data
point on how far you trust someone else to sign a key.  Thus, I concur
that gpg should print a notice which curve has been used.  We may be
able to reuse the key size field for this (a curve specifies the key



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list