[aur-general] Fwd: gnupg-largekeys in AUR

Ido Rosen ido at kernel.org
Thu Nov 28 12:48:25 EST 2013


On Thu, Nov 28, 2013 at 10:49 AM, Jerome Leclanche <adys.wh at gmail.com>wrote:

> What's the outcome on this? I'm interested in large keys in default gnupg.
>
> That said, is there a reason why the patch isnt upstream yet?
> J. Leclanche
>
>
It was rejected upstream previously a few times.

If we want it, it has to be a patch on upstream in our gpg version.  I
believe the reasoning that allowing larger key sizes are a performance
issue for mobile does not really apply here.

Even gpg 2.1. dev is still limited to 4096:
Line 1943, max=4096:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/keygen.c;h=4bb8bbaed4b27a977b3c2b543dafd335acb538df;hb=refs/heads/master#l6

Ido


>
> On Mon, Nov 4, 2013 at 3:12 AM, Ido Rosen <ido at kernel.org> wrote:
> > Hi,
> >   I've added gnupg-largekeys, which is the gnupg from Core, but patched
> to
> > extend the maximum key size to 65535 bits.  Please note that unpatched
> > versions of gnupg can only import/encrypt to/verify signatures of key
> sizes
> > up to 16384 bits large, so you could keep your key sizes less than or
> equal
> > to that size for compatibility.
> >
> > https://aur.archlinux.org/packages/gnupg-largekeys
> >
> > I think gnupg2-large-keys.patch would be a great addition into the Arch
> > Core gnupg package, if not in its current form then at least modifying it
> > to increase the max key size to 16384 instead of 65535.  For some
> > interesting numbers, take a look at
> > http://www.ecrypt.eu.org/documents/D.SPA.20.pdf (especially Table 7.2,
> see
> > 15424 bit RSA keys).  Basically, it'd be nice for users to be able to
> > create keys larger than 4096 bits.
> >
> > Cheers,
> > Ido
>


More information about the aur-general mailing list