Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 520138 - RFE: Limit key algorithms for signatures to whitelist
Summary: RFE: Limit key algorithms for signatures to whitelist
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Hosted Projects
Classification: Unclassified
Component: gentoo-keys (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo-keys project
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-17 17:27 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2025-01-07 03:15 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2014-08-17 17:27:06 UTC 
Depending on the gnupg version set as dependency (and considered standard) for gentoo the algorithm IDs of the signing and primary keys should be restricted. The current whitelist should be [1,3,17] for RSA and DSA keys, excluding e.g. EdDSA and ECDSA algorithms (the latter in RFC6637, the former is implemented in gnupg 2.1 but no I-D exists yet)
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2025-01-07 03:15:38 UTC 
gkeys was disbanded a while ago.