On Sep 16, 2008, at 11:03 PM, Kevin Hilton wrote:
Although you would have to go to lengths to create an ElGamal signing
key (rather than a DSA or RSA key), is use of an ElGamal signing key
still considered to be bad behaivor? The last article I read from
2003 suggested ElGamal signing keys (strictly different than ElGamal
encryption keys) had been compromised:
http://silverstr.ufies.org/blog/archives/000415.html
There was a bug in the Elgamal signing key code in GPG back then.
There is no longer a bug... and there is also no longer Elgamal
signing key code. Elgamal signing keys were dropped from the OpenPGP
standard in RFC-4880, and so will not be supported in GPG.
As a side note, are there any other possible algorithms that may be
used to generate a signing key other than DSA/RSA/ElGamal.
Yes, but not in OpenPGP.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users