[pacman-dev] [PATCH] pacman-key: change signing key to ed25519

Jonas Witschel diabonas at archlinux.org
Wed Nov 4 23:23:59 UTC 2020

On 2020-11-04 21:53, Geert Hendrickx via pacman-dev wrote:
> Larger RSA keys are not the way forward, switch to ed25519 instead.
> This will also become the default in the next version of GnuPG.
> [...] 
> -Key-Type: RSA
> -Key-Length: 4096
> +Key-Type: EDDSA
> +Key-Curve: ed25519

I will note that the strength of Ed25519 is estimated to be roughly comparable
to RSA 3027 [1], so the currently chosen RSA 4096 is actually a slightly
stronger algorithm. I am not saying that this is an argument against using
Ed25519, which I believe offers ample security for the foreseeable future, but
to be honest, I do not see a pressing need to switch either:

One main benefit of elliptic curves is the much smaller key size, but that is
not important for a locally-generated signing key that by design will never be
shared with anyone else.

On the other hand, Ed25519 is still not formally included in the OpenPGP
specification [2]. (Again, this is not necessarily an argument against its
internal use in pacman, since it only needs to be processable by GnuPG.)

However, given the above facts, personally I would feel more comfortable
holding back this change for now, at least until GnuPG has actually made the
switch to Ed25519 as its default algorithm.


[1] https://ed25519.cr.yp.to/
[2] https://tools.ietf.org/html/rfc4880
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/pacman-dev/attachments/20201105/fcfe6921/attachment.sig>

More information about the pacman-dev mailing list