Page MenuHome GnuPG
Create Task
Maniphest T6929

Kleopatra: Allow revocation of RSA 2048 keys
Testing, NormalPublic
Actions

Description

Seems we have VSD customers who used old OpenPGP Keys with RSA 2048.

Standard procedure on changing a key would be to revoke the old key and distribute the public key together with that of the new compliant key.
But as you get the error message "invalid public key algorithm" when trying to use the key, you can not even revoke it.

I believe at least revocation should still be possible. How can we do that?

Personally I would prefer it if keys with algorithms not approved by the BSI would be usable if you acknowledge something like "I know this is not VS-NfD compliant".

Related Objects

Event Timeline

ebo created this task.Jan 11 2024, 10:57 AM
werner changed the task status from Open to Testing.Jan 11 2024, 12:00 PM
werner triaged this task as Normal priority.
werner added a subscriber: werner.

Already done with rG89c7eccba51554 which will be in the next VSD release.

werner renamed this task from Kleopatra: Allow revokation of RSA 2048 keys to Kleopatra: Allow revocation of RSA 2048 keys.Jan 12 2024, 4:44 PM
werner mentioned this in T6578: Release GnuPG 2.4.4.Jan 25 2024, 11:37 AM