gnupg2 in Trusty is incompatible with ECC keys
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gnupg2 (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Using Ubuntu 14.04.2 LTS with gnupg2 2.0.22-3ubuntu1.3 (trusty updates)
As a result of an answer to a question placed on answers.
I expect to be able to check signatures on all signed emails and to decrypt all encrypted mails and other documents sent to me.
An increasing number of emails cannot be verified for signature and encrypted emails and other documents cannot be decrypted using Ubuntu 1404 LTS. The reason is linked with the release by gnupg.org in 2014 of the 'Modern' series of gnupg2 2.1.xx.
Amongst many other improvements, this modern series has introduced elliptic curve (ECC) public key encryption defined in RFC-6637. An increasing number of people are now using these keys and they are incompatible with gnupg2 2.0.xx (and also with gnupg1.4.xx). So a gulf exists now between users of the new 'modern' gnupg2 2.1.xx and users of older versions and this gulf is widening each week.
Gnupg2 2.1.xx cannot co-exist on a computer with the older 2.0.xx series so those who are sending out documents signed or encrypted with ECC cannot revert easily to the 2.0.xx series if their recipient cannot handle ECC. Other client applications like enigmail have announced the forthcoming abandon of support for 1.4
The new modern series of gnupg2 is now at release 2.1.4 and is in successful operation in the experimental branch of Debian.
It appears increasingly important that Ubuntu users should have support for gnupg2 'Modern' 2.1.xx and perhaps further development of gnupg2 packages should concentrate on this modern series.
Changed in gnupg2 (Ubuntu): | |
importance: | Undecided → High |
tags: | added: upgrade-software-version xenial |
Status changed to 'Confirmed' because the bug affects multiple users.