GnuPG public key vulnerability?

Shannon C rehevkor5 at
Thu Nov 2 18:56:21 CET 2017

> so at Facebook, we checked
> the public keys that have been uploaded to people's profiles, and notified
> people whose keys are affected


FYI your detection logic seems a bit overzealous, because (last time I
checked) it detects revoked ROCA-vulnerable subkeys as making the whole
public key unacceptable, even if the private key is not affected by ROCA.
According to the responses on this thread
ROCA-affected subkeys have no effect on the validity of the private key or
other subkeys, so if they're revoked everything should be ok.

Rejecting public keys in this way is problematic for two reasons I can
think of:
1. It confuses people because it implies that there's something wrong with
your whole key even though the problem is only with a subkey. And it
implies that revoking the subkey doesn't solve the problem.
2. It will force people to do extra work to remove their subkeys before
exporting their public key for upload to Facebook. This is annoying to do
and might lead to people deleting their subkeys from their local keyring
permanently, which is probably a bad idea.

I'm not certain, but I think keybase might be getting this wrong too.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Gnupg-users mailing list