
Bug 520138

Summary: RFE: Limit key algorithms for signatures to whitelist
Product: Gentoo Hosted Projects
Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: gentoo-keys
Assignee: Gentoo-keys project <gkeys>
Status: CONFIRMED ---    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2014-08-17 17:27:06 UTC
Depending on the gnupg version set as dependency (and considered standard) for Gentoo, the algorithm IDs of the signing and primary keys should be restricted. The current whitelist should be [1,3,17] for RSA and DSA keys, excluding e.g. EdDSA and ECDSA algorithms (the latter in RFC 6637, the former is implemented in gnupg 2.1 but no I-D exists yet).
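
One way to apply the [1,3,17] whitelist requested above, as an added example that is not gentoo-keys code: it parses a `gpg --with-colons` key listing (field 4 is the public-key algorithm ID, field 12 the key capabilities) and reports primary keys and signing-capable subkeys outside the whitelist. The function name and the sample listing are constructed for illustration.

```python
# Added example, not part of gentoo-keys.
# Whitelist from the bug report: 1 = RSA, 3 = RSA sign-only, 17 = DSA.
ALLOWED_ALGOS = {1, 3, 17}

# Constructed sample of `gpg --with-colons --list-keys` output (key IDs are fake).
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAA01:1408296426:::u:::scESC:
uid:u::::1408296426::0000::Constructed Dev <dev@example.org>:
sub:u:2048:16:AAAAAAAAAAAAAA02:1408296426::::::e:
sub:u:256:22:AAAAAAAAAAAAAA03:1408296426::::::s:
pub:u:256:19:BBBBBBBBBBBBBB01:1408296426:::u:::scSC:
"""


def disallowed_keys(colon_listing, allowed=ALLOWED_ALGOS):
    """Return (record, keyid, algo) for primary/signing keys outside the whitelist."""
    violations = []
    for line in colon_listing.splitlines():
        fields = line.split(":")
        if fields[0] not in ("pub", "sub"):
            continue  # uid, fpr, sig ... records carry no key algorithm to check
        fields += [""] * (12 - len(fields))  # pad truncated records
        rec, algo_field, keyid, caps = fields[0], fields[3], fields[4], fields[11]
        # Primary keys are always checked. A subkey is skipped only when its
        # capability field is present and lacks 's' (e.g. encryption-only);
        # an empty capability field is treated as signing-capable (fail closed).
        if rec == "sub" and caps and "s" not in caps:
            continue
        try:
            algo = int(algo_field)
        except ValueError:
            algo = None  # unparseable algorithm ID: fail closed
        if algo not in allowed:
            violations.append((rec, keyid, algo))
    return violations


if __name__ == "__main__":
    for rec, keyid, algo in disallowed_keys(SAMPLE):
        print(f"rejected {rec} {keyid}: algorithm {algo} not in {sorted(ALLOWED_ALGOS)}")
```

In the sample, the Elgamal (16) encryption subkey is not flagged because the request covers only signing and primary keys, while the EdDSA (22) signing subkey and the ECDSA (19) primary key are.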