Web lists-archives.com

ed25519 keys and mentors.d.n




Hello,

I just tried to upload a package to mentors.debian.net and it got
rejected because is is signed with an ed25519 key:

gpg: Signature made So 08 Apr 2018 22:00:14 UTC using ? key ID C18A4F7D
gpg: Can't check signature: unknown pubkey algorithm

I guess the infrastructure has not been upgraded to GnuPG 2.

I know that elliptic curve cryptography is a bit bleeding edge but I
thought that GnuPG had support for it for long enough to make it safe to
use it in the context of Debian.  Does this limitation apply only to
mentors.d.n or does it apply to the Debian infrastructure in general?

/me generates a new signing subkey...

Cheers,
Dan