my gpg key does not conform to rfc4880?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Oct 10 20:02:39 CEST 2013
On 10/10/2013 01:45 PM, Brian J. Murrell wrote:
> I was told by a developer of a piece of software that my key does not
> conform to rfc4800. He said:
>
> According to http://tools.ietf.org/html/rfc4880#section-5.2.2
> signatures of version 3 don't have subpackets, which are only
> available in version 4.
>
> Looks like your key from 1998 is not compliant to RFC4880.
>
> Do I have any recourse other than to generate a new key?
your key 0x9771109462F2B970 appears to be an OpenPGPv4 key, not an
OpenPGPv3 key, so i'm not sure what the person you were talking to was
talking about.
that said, 0x9771109462F2B970 claims to have been generated on
1998-02-16, and is a 1024-bit DSA key. This is a weak key by today's
standards, and the fact that it has been in use for over 15 years makes
me think that you should probably generate a new primary key anyway.
You don't have to revoke your old key immediately, of course, but you
probably want to move to something stronger sooner rather than later.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20131010/c149e32d/attachment.sig>
More information about the Gnupg-users
mailing list