> > > RHEL 10 already contains RPM signing keys that cannot be understood by > GnuPG. > > > > Why oh why? > > > > I mean, I'm all for replacing gnupg by something better. But why is RH > > deliberately chosing key types which force sequoia adoption? >
Please, do not take this as something that forces sequoia adoption. Sequoia is just the implementation we use. You are free to use anything else that is implementing and using the OpenPGP standard. There are other implementations. We just want to stay on the "standard" side: https://sequoia-pgp.gitlab.io/openpgp-interoperability-test-suite/results.html > > I'm sorry to say, but that's another display of the attitude around the > > sequoia project which keeps at least some people from embracing it. > > > > They chose PQC algorithms because... they want PQC signatures. As far > as I'm aware, GnuPG doesn't *have* support for PQC algorithms. And > we've been using Sequoia for RPM signature validation since Fedora > Linux 38. From *our* perspective, there's nothing wrong with using > those new algorithms. GnuPG 2.4 in Fedora does not support any PQC algorithms. The GnuPG 2.5 supports only PQC algorithms from incompatible LibrePGP standard, that are not understood by anyone else implementing OpenPGP. Jakub
-- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
