RSA pub-sec pri key pair + ELG enc + RSA sign subkeys + EDDSA/ECDH subkeys -> e-mail familiar RSA/ELG key recipient

Fulano Diego Perez fulanoperez at cryptolab.net
Fri Jun 10 08:54:25 CEST 2016


sender:
RSA pub-sec pri key pair + ELG enc + RSA sign subkeys + EDDSA/ECDH subkeys

recipient:
RSA and/or ELG key recipient

sender e-mails recipient

sender has in addition to older _non expired_ RSA/ELG subkeys, newer
EDDSA/ECDH enc/sign subkeys

recipient has familiar RSA pri key and _may_ have newer RSA/ELG enc/sign
subkeys

recipient has no software support for EDDSA/ECDH

will gnupg 2.1.x automatically select the sender's older _non expired_
RSA/ELG subkeys so the recipient can decrypt/verify signed/encrypted email?

is the converse true for the sender for whatever software implementation
they use (is this wishful thinking?) - in that their software will not
fail after detecting newer incompatible subkeys, and then proceed to
select the recipient's older but valid, compatible subkeys?

in other words at this time can gnupg 2.1.x automatically, compatibly
operate with both RSA and EDDSA/ECDH keys/subkeys?

is manual subkey override necessary per-recipient?

is there a global default option to allow this scenario with mixed keys
without manual intervention?

I did a few tests but I'm not sure about this - the sender gnupg 2.1.12
libgcrypt 1.7.0-beta didn't use its older _non expired_ RSA/ELG subkeys
to sign/enc to the recipient with the familiar RSA keypair




