js' blog

New GPG key
Created: 11.01.2015 00:47 UTC

I have a new GPG key now (signed by my old key). This key is a little bit special, though, as it requires at least GnuPG 2.1.

The reason for this is that it uses Ed25519 for the main key and RSA 4096 for the encryption key. Unfortunately, it's not possible yet to use Ed25519 for encryption, but this is expected to change soon with a new GnuPG point release. Another disadvantage is that most key servers are not able to handle such keys yet, but the software for the key servers already has support for Ed25519 keys commited, so all that's needed is that operators upgrade.

While this has a lot of disadvantages, I decided to give it a try anyway, as I think this is the right way to move forward. While ECC with the NIST curves has already been specified in an RFC, using Ed25519 so far has not. There is a draft from Werner Koch though and since GnuPG already implements it, I'm sure this is only a matter of time.

Another nice side effect of using Ed25519 is that signatures are much shorter, allowing me to sign every commit I do. I'm not sure yet whether I will sign ObjFW releases with the same key or with a new key signed by this key. Having a release signing key has the advantage that it's much harder to compromise that key, as it's only rarely used.

Edit: This seems to be a key server accepting Ed25519 keys.

Edit 2: I also have a 4096 bit RSA key now, in case you absolutely cannot upgrade to GnuPG 2.1 for whatever reasons (though you should, as even the old algorithms were hardened there). I will use both keys, but I will sign all my commits only with the Ed25519 key to keep the sizes of the repos reasonable, so if you want to verify those, you have no choice but to upgrade.

My Ed25519 and RSA key sign each other and their fingerprints are:

Ed25519: E8F4 B5D1 607C 6DDB A3C6  FA41 D8C2 8F99 13CE F75C
RSA4096: 2FA4 A252 B8DC C53A 1D34  E2E1 BD90 B760 3030 94D7

Keep in mind though that you should not completely trust the fingerprints you see here, as they are only as secure as TLS and the webserver are - and we all know TLS is not really secure.

Edit: The keys have been replaced.