Public bug reported:

I don't know if this will land before the feature freeze but I'm filing
this in any case:

Our goal for 24.04 is to reject 1024-bit RSA repository signing keys.
Work is ongoing in Launchpad to allow dual-signing PPAs and then re-sign
all PPAs with a 4096-bit key.

This needs the following changes:

1) The gnupg upstream commit for https://dev.gnupg.org/T6946 needs to be
   backported. This is applying fine and in the package already, but the
   test suite fails with issues that look weirdly unrelated.
2) APT needs to learn to pass the argument if supported
3) APT needs to learn to interpret the output
4) APT possibly may have to learn to issue warnings instead of errors for
   weak keys and pass the URL to the gpgv method to allow 1024-bit RSA keys
   over TLS connections, in case there are unforeseen issues with the PPA
   migration.

Signing key policy: We would like to adopt a signing key policy of

rsa>2048,ed25519,ed448

As a result we would like to reject

- RSA keys below 2048 bits
- DSA keys
- Unsafe ECC keys:
  - NIST P-{256,384,521}
  - Brainpool P-{256,384,512}
  - secp256k1

Notes:
- DSA keys are not possible to use anymore due to the deprecation of SHA1
  that happened years ago
- NIST and Brainpool and secp256k1 are not very popular,
  https://safecurves.cr.yp.to/ lists all of them as unsafe. It is believed
  they have backdoors. Some FIPS customers may prefer them over Ed25519 and
  Ed448 as they have been approved longer, so it's possible fips support
  packages could reenable them by setting the correct apt.conf setting in a
  snippet.


Timing wrt feature freeze and Launchpad changes:

Launchpad changes won't be landing before feature freeze and it will
take some more weeks to re-sign the repositories, hence we need to do
uploads after FF to enable the error by default even if we ship the
functionality before it.

** Affects: apt (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: gnupg (Ubuntu)
     Importance: Undecided
         Status: New

** Description changed:

  I don't know if this will land before the feature freeze but I'm filing
  this in any case:
  
  Our goal for 24.04 is to reject 1024-bit RSA repository signing keys.
  Work is ongoing in Launchpad to allow dual-signing PPAs and then resign
  all PPAs with a 4096-bit key.
  
  This needs the following changes:
  
- 1) The gnupg upstream commit for https://dev.gnupg.org/T6946 needs to be 
backported
+ 1) The gnupg upstream commit for https://dev.gnupg.org/T6946 needs to be 
backported. This is applying fine and in the package already, but the test 
suite fails with issues that look weirdly unrelated.
  2) APT needs to learn to pass the argument if supported
  3) APT needs to learn to interpret the output
  4) APT possibly may have to learn to issue warnings instead of errors for 
weak keys and pass the URL to the gpgv method to allow 1024-bit RSA keys over 
TLS connections, in case there are unforeseen issues with the PPA migration.
- 
  
  Signing key policy: We would like to adopt a signing key policy of
  
  rsa>2048,ed25519,ed448
  
  As a result we would like to reject
  
  - RSA keys below 2048 bits
  - DSA keys
  - Unsafe ECC keys:
-   - NIST P-{256,384,521}
-   - Brainpool P-{256,384,512}
-   - secp256k1
+   - NIST P-{256,384,521}
+   - Brainpool P-{256,384,512}
+   - secp256k1
  
  Notes:
  - DSA keys are not possible to use anymore due to the deprecation of SHA1 
that happened years ago
  - NIST and Brainpool and secp256k1 are not very popular, 
https://safecurves.cr.yp.to/ lists all of them as unsafe. It is believed they 
have backdoors. Some FIPS customers may prefer them over Ed25519 and Ed448 as 
they have been approved longer, so it's possible fips support packages could 
reenable them by setting the correct apt.conf setting in a snippet.
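
Review bot: The sentence added to item 1 says the test suite "fails with issues that look weirdly unrelated" but does not name the failing tests or point to a build log, so a reader cannot judge whether the backport for https://dev.gnupg.org/T6946 is involved; naming them would help. In the unchanged context, the policy is written as rsa>2048 while the reject list says "RSA keys below 2048 bits", which leaves the status of exactly 2048-bit keys unclear, and one of the two should be reworded.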

** Also affects: gnupg (Ubuntu)
   Importance: Undecided
       Status: New

** Description changed:

  I don't know if this will land before the feature freeze but I'm filing
  this in any case:
  
  Our goal for 24.04 is to reject 1024-bit RSA repository signing keys.
  Work is ongoing in Launchpad to allow dual-signing PPAs and then resign
  all PPAs with a 4096-bit key.
  
  This needs the following changes:
  
  1) The gnupg upstream commit for https://dev.gnupg.org/T6946 needs to be 
backported. This is applying fine and in the package already, but the test 
suite fails with issues that look weirdly unrelated.
  2) APT needs to learn to pass the argument if supported
  3) APT needs to learn to interpret the output
  4) APT possibly may have to learn to issue warnings instead of errors for 
weak keys and pass the URL to the gpgv method to allow 1024-bit RSA keys over 
TLS connections, in case there are unforeseen issues with the PPA migration.
  
  Signing key policy: We would like to adopt a signing key policy of
  
  rsa>2048,ed25519,ed448
  
  As a result we would like to reject
  
  - RSA keys below 2048 bits
  - DSA keys
  - Unsafe ECC keys:
    - NIST P-{256,384,521}
    - Brainpool P-{256,384,512}
    - secp256k1
  
  Notes:
  - DSA keys are not possible to use anymore due to the deprecation of SHA1 
that happened years ago
  - NIST and Brainpool and secp256k1 are not very popular, 
https://safecurves.cr.yp.to/ lists all of them as unsafe. It is believed they 
have backdoors. Some FIPS customers may prefer them over Ed25519 and Ed448 as 
they have been approved longer, so it's possible fips support packages could 
reenable them by setting the correct apt.conf setting in a snippet.
+ 
+ 
+ Timing wrt feature freeze and launchpad changes:
+ 
+ Launchpad changes won't be landing before feature freeze and it will
+ take some more weeks to resign the repositories, hence we need to do
+ uploads after FF to enable the error by default even if we ship the
+ functionality before it.
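
Review bot: The added timing section says the error is enabled by default only in uploads after FF, but it does not say what APT does with a weak key between shipping the functionality and that upload. Stating the interim behaviour, for example whether it is the warning mentioned in item 4, would make the rollout plan checkable.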

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2055193

Title:
  [FFe] APT 24.04 crypto policy update

Status in apt package in Ubuntu:
  New
Status in gnupg package in Ubuntu:
  New

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2055193/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
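
Added example (not part of the bug report, APT or GnuPG): a Python check that applies the reject list above to `gpg --show-keys --with-colons` output, so a keyring can be audited for signing keys the proposed policy would refuse. The sample records and key IDs are constructed, and accepting exactly 2048-bit RSA is an assumption taken from the wording "RSA keys below 2048 bits".

```python
# Classify signing keys from `gpg --with-colons` records against the policy
# in the report: RSA below 2048 bits, DSA and non-Ed25519/Ed448 curves fail.

RSA = {"1", "3"}          # OpenPGP algorithm IDs: RSA, RSA sign-only
DSA = "17"
ECC_SIGN = {"19", "22"}   # ECDSA, EdDSA
ALLOWED_CURVES = {"ed25519", "ed448"}
MIN_RSA_BITS = 2048       # assumption: 2048 itself is accepted

# Constructed sample records; the key IDs are made up.
SAMPLE = """\
pub:-:1024:1:0000000000000001:1262304000:::-:::scSC::::::23::0:
pub:-:4096:1:0000000000000002:1704067200:::-:::scSC::::::23::0:
pub:-:1024:17:0000000000000003:1104537600:::-:::scSC::::::23::0:
pub:-:255:22:0000000000000004:1704067200:::-:::scSC:::::ed25519:::0:
pub:-:256:19:0000000000000005:1704067200:::-:::scSC:::::nistp256:::0:
sub:-:255:18:0000000000000006:1704067200::::::e:::::cv25519::
"""

def classify(record):
    """Return (keyid, verdict) for a signing-capable pub/sub record, else None."""
    f = record.split(":")
    # Field 12 holds capabilities; lowercase "s" means this key itself can sign.
    if f[0] not in ("pub", "sub") or len(f) < 12 or "s" not in f[11]:
        return None
    bits, algo, keyid = int(f[2]), f[3], f[4]
    curve = f[16] if len(f) > 16 else ""   # field 17: curve name for ECC keys
    if algo in RSA:
        ok, why = bits >= MIN_RSA_BITS, f"rsa{bits}"
    elif algo == DSA:
        ok, why = False, f"dsa{bits}"
    elif algo in ECC_SIGN:
        ok, why = curve in ALLOWED_CURVES, curve or "unknown-curve"
    else:
        ok, why = False, f"algo{algo}"
    return keyid, ("accept:" if ok else "reject:") + why

def audit(colons_output):
    """Map key ID -> verdict for every signing key in the listing."""
    results = {}
    for line in colons_output.splitlines():
        verdict = classify(line)
        if verdict:
            results[verdict[0]] = verdict[1]
    return results

if __name__ == "__main__":
    for keyid, verdict in audit(SAMPLE).items():
        print(keyid, verdict)
```

Encryption-only subkeys are skipped because they never sign repository metadata.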
