Thanks for your summary, Andreas, I found it very helpful. This guide appeared to be the newest from NIST that I could find on the topic of key lengths https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar3.ipd.pdf -- page 21 (marked 11 on the page) appears to say n=1024 is still fine for "legacy use": "The algorithm or key length may only be used to process already protected information (e.g., decrypt ciphertext data or verify a digital signature)". A very literal reading would probably suggest that *old* InRelease files would be fine but *new* InRelease files wouldn't be. There'd be no reliable way to tell the age without actually validating the signature, so maybe it's academic, but I don't imagine they intended to allow installing software protected solely by rsa1024.
I would prefer if we asked users to make this change themselves if they still have rsa1024 repositories somewhere. Noble has been out for almost a year. Ubuntu 24.04.1 was released over six months ago. If the >=rsa2048 restrictions were brand new, and we saw a deluge of complaints, maybe relaxing it would make sense. But what we've seen is a decade of people asking us how to prevent rsa1024 from being used. I don't understand why today is the right day to allow weaker RSA keys.

All the other changes seem fine to me.

Thanks

-- 
https://bugs.launchpad.net/bugs/2073126
Title: More nuanced public key algorithm revocation
ubuntu-bugs mailing list
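One way an administrator can find out whether any rsa1024 repository keys are still installed, as an added example that is not code from this bug thread or from apt: parse a `gpg --with-colons` listing (for instance from `gpg --no-default-keyring --keyring /etc/apt/trusted.gpg.d/<file>.gpg --with-colons --list-keys`, where the keyring file name is a placeholder) and flag RSA keys that can sign and are shorter than 2048 bits. The listing embedded below is constructed, not taken from a real keyring.

```python
"""Audit a `gpg --with-colons` key listing for RSA signing keys below 2048 bits."""
from dataclasses import dataclass
RSA_ALGOS = {1, 3}    # OpenPGP algo ids in field 4: 1 = RSA sign/encrypt, 3 = RSA sign-only
MIN_RSA_BITS = 2048   # the >=rsa2048 floor discussed in the thread

# Constructed listing, not real keys: a 1024-bit RSA archive key, a 4096-bit RSA key
# with a 2048-bit signing subkey and a 1024-bit encrypt-only subkey, and an ed25519 key.
SAMPLE_LISTING = """\
pub:-:1024:1:0123456789ABCDEF:1262304000:::-:::scESC::::::::0:
uid:-::::1262304000::DEADBEEF::Old Archive Key (constructed) <old@example.invalid>::::::::::0:
pub:-:4096:1:FEDCBA9876543210:1420070400:::-:::cESC::::::::0:
sub:-:2048:1:1122334455667788:1420070400::::::s::::::23:
sub:-:1024:1:8877665544332211:1420070400::::::e::::::23:
pub:-:255:22:0011223344556677:1700000000:::-:::scESC:::::ed25519::0:
"""

@dataclass
class KeyInfo:
    record: str     # "pub" (primary key) or "sub" (subkey)
    keyid: str
    bits: int
    algo: int
    can_sign: bool  # this key itself can sign

def parse_colons(listing: str) -> list[KeyInfo]:
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if len(f) < 12 or f[0] not in ("pub", "sub"):
            continue            # uid, fpr, tru, ... records carry no key size
        try:
            bits, algo = int(f[2]), int(f[3])
        except ValueError:
            continue
        # Field 12: lowercase letters (s/e/c/a) are the key's own capabilities;
        # uppercase letters summarise the whole key and are ignored on purpose.
        keys.append(KeyInfo(f[0], f[4], bits, algo, "s" in f[11]))
    return keys

def weak_rsa_signing_keys(listing: str) -> list[KeyInfo]:
    """RSA keys that can sign and fall below the 2048-bit minimum."""
    return [k for k in parse_colons(listing)
            if k.algo in RSA_ALGOS and k.can_sign and k.bits < MIN_RSA_BITS]

def nist_status(key: KeyInfo) -> str:
    """SP 800-131A reading quoted in the thread: short RSA is legacy-use only."""
    if key.algo in RSA_ALGOS and key.bits < MIN_RSA_BITS:
        return "legacy use only: verify already-signed data, do not accept new signatures"
    return "acceptable"
```

Encrypt-only subkeys and non-RSA keys are reported as acceptable because the thread's concern is RSA keys used to sign InRelease files.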