View Issue Details

IDProjectCategoryView StatusLast Update
0001455Main CAcert WebsiteGPG/PGPpublic2019-01-09 17:39
ReportercolincogleAssigned To 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
PlatformDefaultOSanyOS Versionany
Product Version2015 Q3 
Target VersionFixed in Version 
Summary0001455: CAcert cannot recognize or sign GPG/PGP keys with EdDSA public keys
DescriptionI finally created a new keypair with the newest version of GnuPG, and I used the EdDSA algorithm. However, CAcert cannot parse it. While it uploaded successfully, it's been stuck on "pending" for a while. Additionally, the expiration date shows as "0000-00-00 00:00:00."
Steps To Reproduce1. Create a new EdDSA key with the command: gpg --full-generate-key
2. Upload it to CAcert in hopes of getting it signed.
Additional InformationI have not tested this with ECDSA, ECDH, or ElGamal keys. However, I'd wager that support for those newer types are also lacking.

I tagged this as minor/normal but as the new version of GnuPG trickles out, this may turn into a major/high issue.
TagsNo tags attached.
Reviewed by
Test Instructions

Activities

Ted

2019-01-09 15:48

administrator   ~0005731

It's just a wild guess, but I assume that the version of GPG which is installed on the signer is a bit too old to know the new algorithms, does this sound plausible?

colincogle

2019-01-09 17:39

reporter   ~0005732

That's probably it. Support for ECDH, ECDSA, and EdDSA keys were added in GnuPG 2.1.

Issue History

Date Modified Username Field Change
2019-01-09 01:10 colincogle New Issue
2019-01-09 15:48 Ted Note Added: 0005731
2019-01-09 17:39 colincogle Note Added: 0005732