[Gnuk-users] Ed25519 for signing broken?

NIIBE Yutaka gniibe at fsij.org
Thu Feb 12 00:06:45 UTC 2015


On 02/12/2015 05:59 AM, Daniel Kahn Gillmor wrote:
> On Mon 2015-02-09 20:30:00 -0500, NIIBE Yutaka wrote:
>> I don't recommend using EdDSA signing yet.  It is OK for OpenSSH,
>> provided you don't distribute your public key with EdDSA subkey
>> widely.
> 
> Why should anyone avoid distributing their public key widely?  What risk
> is this preventing?

Let me clarify.  By "your public key with EdDSA subkey", I meant by
OpenPGP format.

When the format will be changed, the identifier (fingerprint) of
OpenPGP will be changed accordingly, even though a user wants to keep
using his private key.

There would be not much risk for distributing unstable key itself, but
the possible change of format which causes identifier change is the
risk for using the key.

Besides, I don't know if it's possible now.  I mean, whether the
proposed format is supported by keyserver implementations.

It is no problem distributing your EdDSA public key in OpenSSH format.
-- 



More information about the gnuk-users mailing list