Best practices for obtaining a new GPG certificate

Neal H. Walfield neal at
Fri Mar 19 08:59:09 CET 2021

On Fri, 19 Mar 2021 08:33:17 +0100,
Robert J. Hansen via Gnupg-users wrote:
> > The next default is ECC (ed25519+cv25519) which is supported by most
> > OpenPGP implementations.  Only if you have a need to communicate with
> > some niche implementaions you need to use rsa3072.
> Last I checked, Thunderbird 78 did not support ed25519+cv25519
> keys. That's not a niche implementation.

Thunderbird 78's default OpenPGP implementation is rnp.  According to
the interoperability test suite, rnp is able to use the "Alice" key
from the "OpenPGP Example Keys and Certificates" I-D.

The "Alice" certificate uses:

  Primary key algorithm: Ed25519
  Subkey algorithm: Curve25519


More information about the Gnupg-users mailing list