View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001455||Main CAcert Website||GPG/PGP||public||2019-01-09 01:10||2019-12-03 07:51|
|Product Version||2015 Q3|
|Target Version||Fixed in Version|
|Summary||0001455: CAcert cannot recognize or sign GPG/PGP keys with EdDSA public keys|
|Description||I finally created a new keypair with the newest version of GnuPG, and I used the EdDSA algorithm. However, CAcert cannot parse it. While it uploaded successfully, it's been stuck on "pending" for a while. Additionally, the expiration date shows as "0000-00-00 00:00:00."|
|Steps To Reproduce||1. Create a new EdDSA key with the command: gpg --full-generate-key|
2. Upload it to CAcert in hopes of getting it signed.
|Additional Information||I have not tested this with ECDSA, ECDH, or ElGamal keys. However, I'd wager that support for those newer types are also lacking.|
I tagged this as minor/normal but as the new version of GnuPG trickles out, this may turn into a major/high issue.
|Tags||No tags attached.|
||It's just a wild guess, but I assume that the version of GPG which is installed on the signer is a bit too old to know the new algorithms, does this sound plausible?|
||That's probably it. Support for ECDH, ECDSA, and EdDSA keys were added in GnuPG 2.1.|
||I stumbled upon this bug today, too. A fresh GPG key with Elliptic Curves cannot be signed, it is pending forever. A RSA key does work.|