On 7/4/2018 6:23 AM, Michał Górny wrote: > Optionally allow using ECC, curve 25519 keys. We already have > developers using those keys, and given that they are supported > by GnuPG 2.2, there's probably no reason to ban them. However, they're > not recommended due to interoperability issues. > --- > glep-0063.rst | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/glep-0063.rst b/glep-0063.rst > index 6dc4ce5..ab7cb79 100644 > --- a/glep-0063.rst > +++ b/glep-0063.rst > @@ -33,6 +33,8 @@ v1.1 > The larger recommendation was unjustified and resulted in people > unnecessarily replacing their RSA-2048 keys. > > + Minimal specification has been amended to allow for ECC keys. > + > Motivation > ========== > > @@ -64,6 +66,8 @@ not be used to commit. > > b. RSA, >=2048 bits (OpenPGP v4 key format or later only) > > + c. ECC, curve 25519 > + > 3. Key expiry: 5 years maximum > > 4. Upload your key to the SKS keyserver rotation before usage! >
Add a minimum key size here for ECC. They have different bit sizes than classic DSA/RSA keys. A quick read indicates that a 224-bit ECC key is roughly equivalent to a 112-bit symmetric key, which is what a 2048-bit RSA key is equivalent to, so the logical minimum for ECC looks like 'nistp256'. The maximum is 521-bits on ECC (nistp521). Also move the mention of Ed25519 keys to their own bullet and clarify that they don't allow for a key length, as I think that's hardcoded in some capacity. -- Joshua Kinard Gentoo/MIPS ku...@gentoo.org rsa6144/5C63F4E3F5C6C943 2015-04-27 177C 1972 1FB8 F254 BAD0 3E72 5C63 F4E3 F5C6 C943 "The past tempts us, the present confuses us, the future frightens us. And our lives slip away, moment by moment, lost in that vast, terrible in-between." --Emperor Turhan, Centauri Republic
