x488 vs all other : keyid flip

Werner Koch wk at gnupg.org
Wed Apr 3 11:32:06 CEST 2024

On Tue,  2 Apr 2024 18:53, Andrew Gallagher said:

> technical challenge since no modern software supports them, and gnupg1
> doesn’t implement --list-packets :-) But I have to admit they do

Sure it has the --list-packets command.  This command dates back to the
very first release.

>> But let me remark for the records that GnuPG has been the entity which
>> always used the term /OpenPGP/ instead of /PGP/ or - as many Linux
>> people did - the term /GPG/ keys.  Thus we, and in particular me,
>> stressed that this is the OpenPGP standard which GnuPG implements,
>> popularized, took care, and pride of.  Sure it does no "belong" to us or
>> anyone - it is term without having a trademark.
> This is fair, and thank you. Not everyone is so careful.


> greatest amount of text declaring that OpenPGP no longer has a good
> reputation has been written by you. So this is a circular argument.

Well, I was obviously not caution enough with my statement.  What I mean
is that the current way the IETF WG works has a high potential to just
this.  At least an article in the very popular c't magazin might have
such an effect.  Maybe I should not overvalue such articles and postings
on mailing lists.

> Let us be clear here: you appear to be saying that if I want to update
> hockeypuck to support both librepgp and crypto-refresh artifacts, I am
> helping to destroy a solid standard? Or have I misunderstood your

Given that Ubuntu's Hockeypuck is the default keyserver for GnuPG for
most people (i.e. on Windows) it would be good if it continues to
support at least the default keys.  Whether X448 or the forthcominng
Kyber subkeys are relevant for keyservers is a different questions.

FWIW, I have severe doubts on the usefulness of public keyservers given
the DoS problems for users and the wrong - but real - assumption of
users that keys from a keyserver are trustworthy.  Sending keys with an
initial mail is a better way; keyserver should be used only to provide
subkey updates and revocations - no search by user id.

> I will bring this to the WG, with your comments.

I don't care about the IETF OpenPGP WG^Committee anymore.



The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240403/5f9501aa/attachment.sig>

More information about the Gnupg-users mailing list