EC SRM key for bookworm?

To: debian-release@lists.debian.org
Subject: EC SRM key for bookworm?
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 04 Mar 2023 13:33:13 +0000
Message-id: <[🔎] 3260ae0adb67fb075fe3f5dd5733cc897a375979.camel@adam-barratt.org.uk>

[Please CC me on replies and keep discussion on d-release regardless of
how you received the mail]

Hi,

SRM is considering using an ed25519 GPG key for bookworm. Does anyone
see any issues with that?

We've tested merging signatures from a (different) ed25519 key and an
RSA key using dak's "gpg-merge-signatures" script, and gpgv is happy to
verify the result on an oldoldstable (Debian 9 / stretch) system.

We know that GPG(V) 1.X can't handle EC keys, which means that the
signatures won't be verifiable on jessie. jessie is still supported
externally via ELTS, but I don't know that anyone's trying to use it to
verify signatures from bookworm.

Thanks,

Adam

Reply to:

Prev by Date: (E)LTS report for February 2023
Next by Date: Re: New buster-lts upload of shim
Previous by thread: Debian LTS report for February 2023
Next by thread: Re: New buster-lts upload of shim
Index(es):
- Date
- Thread