Re: cv25519 subkeys not sent in recv-keys or shown in search-keys
On 10/13/2015 08:06 AM, NIIBE Yutaka wrote: > Hello, > > I think that once newer libgcrypt will be released, cv25519 subkey > will be popular. For sks keyserver, I submitted an issue as an > remainder. > > https://bitbucket.org/skskeyserver/sks-keyserver/issues/36/curve25519-oid-for-encryption > > Fwiw, this patch is now applied to the servers in the keys2.kfwebs.net cluster and the subkey is listed at http://keys2.kfwebs.net/pks/lookup?op=vindex&search=0x3AED5886 -- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 Carpe noctem Seize the night signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: cv25519 subkeys not sent in recv-keys or shown in search-keys
Hello, I think that once newer libgcrypt will be released, cv25519 subkey will be popular. For sks keyserver, I submitted an issue as an remainder. https://bitbucket.org/skskeyserver/sks-keyserver/issues/36/curve25519-oid-for-encryption -- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: cv25519 subkeys not sent in recv-keys or shown in search-keys
On 10/10/2015 01:50 AM, Scott M wrote: > Using gpg2-2.1.8 with libgcrypt-1.7.0-beta262, I did the > following: > ... > > However, when I search-keys for the hexid of the encrypt subkey, it > returns the master public key, so the server knows about the > subkey. Then why doesn't it send to me when I --recv-keys ? For > that matter, > http://keys2.kfwebs.net/pks/lookup?op=vindex&search=0x9300DF68 You should get it if you append &clean=off to the get query, i.e. https://sks-keyservers.net/pks/lookup?op=get&search=0x9300DF68&clean=off (that is using the same server cluster) > does output my keys, but does not show the very key that was > searched for! > > Is it possible the server supports ed25519, but not cv25519? Are > there any keyservers known to support both these key types? It > seems that almost all do not, even keys2.kfwebs.net (got this one > from #gnupg). > That is very possible, as there is not yet an ID except for http://www.ietf.org/internet-drafts/draft-koch-eddsa-for-openpgp-01.txt for curve25519 related keys -- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 Veni vidi visa I came, I saw, I bought signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
cv25519 subkeys not sent in recv-keys or shown in search-keys
Using gpg2-2.1.8 with libgcrypt-1.7.0-beta262, I did the following: (1) made a master sign/certify ed25519 key. (2) made 3 subkeys (ed25519 sign, ed25519 authorize, cv25519 encrypt) (3) send-keys to keys2.kfwebs.net (rumored to support ecc): success Here are the keys: pub ed25519/3AED5886 2015-10-04 [SC] [expires: 2016-10-03] uid [ultimate] Scott Mcdermott sub cv25519/9300DF68 2015-10-04 [E] [expires: 2016-10-03] sub ed25519/C0223044 2015-10-04 [A] [expires: 2016-10-03] sub ed25519/EB2BDC84 2015-10-04 [S] [expires: 2016-10-03] Ok, now I want to see if others can see them: (1) make a brand new user account (2) empty homedir except gpg.conf with keys2.kfwebs.net. (3) recv-keys with the master ID (0x3AED5886) ok, so the subkeys should now be in my new user's keyring, yes? But NO. Using list-keys, I see the sign and authorize (the ed25519s), but *not* the encrypt subkey: pub ed25519/3AED5886 2015-10-04 [SC] [expires: 2016-10-03] uid [ unknown] Scott Mcdermott sub ed25519/C0223044 2015-10-04 [A] [expires: 2016-10-03] sub ed25519/EB2BDC84 2015-10-04 [S] [expires: 2016-10-03] However, when I search-keys for the hexid of the encrypt subkey, it returns the master public key, so the server knows about the subkey. Then why doesn't it send to me when I --recv-keys ? For that matter, http://keys2.kfwebs.net/pks/lookup?op=vindex&search=0x9300DF68 does output my keys, but does not show the very key that was searched for! Is it possible the server supports ed25519, but not cv25519? Are there any keyservers known to support both these key types? It seems that almost all do not, even keys2.kfwebs.net (got this one from #gnupg). -- Scott ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users