Hi, we just noticed again that we are still trusting 1024R keys for signing repositories in APT, arguably because we do not have a means to tell gpgv the minimum key size.
While the upstream bug[0] is being worked on, I have written a hack[1] that - if APT_SIGNING_REQUIREMENTS_HACK environment variable is set - makes gpgv error out on keys smaller than 2048R and warn on keys smaller than 3072R (following the current OpenPGP draft size length requirements, 3072 is a SHOULD, 2048 a MUST). I have also written code in APT to actually parse GPG error and warning status messages, and set the environment variable.[2] Sadly shipping this in 24.04 means that PPAs owned by user accounts created prior to 2014-03-11[3] until the key rotation mechanism(s) [4][5] have been implemented. However given that (I've been informed) ~800 bits were already cracked about 5 years ago, and we are planning to support 24.04 for 12 years, I believe that this is necessary and it's better to take the pain now then do an SRU to disable 1024R keys on existing systems. This is more painful than the digest transition because we have reason to believe that 1024R keys are potentially unsafe *now* and we need to stop trusting them, whereas when we deprecated MD5 and SHA1 we were able to have a deprecation period of a stable release. [0] https://dev.gnupg.org/T6946 [1] https://gist.github.com/julian-klode/fbc56278cd0bdcd305f825479b094fad [2] https://salsa.debian.org/apt-team/apt/-/merge_requests/322 [3] https://code.launchpad.net/~wgrant/launchpad/4096r-ppa-keys/+merge/210336 [4] https://bugs.launchpad.net/launchpad/+bug/1331914 [5] https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1461834 -- debian developer - deb.li/jak | jak-linux.org - free software dev ubuntu core developer i speak de, en -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
