pull down to refresh

Help me with some PGP (cv25519) key.
248 sats \ 3 comments \ @_Bubble_2009 28 Apr AskSN
Hi there to all,
I will try to explain the situation to you. I have PGP keys that I created a couple of years ago for some clients using Kleopatra on their windows computers. Now that they have updated the whole system (they had never done updates) I have problems with their keys and Thunderbird.
Kleopatra, by default, use cv25519 algorithm and now Thunderbird don't accept this kind o keys. Also keyserver.pgp.com don't accept those keys.
My keys, on the other hand, created with openpgp under Debian using the rsa3072 algorithm work perfectly.
At this point I find myself with their keys that will expire in August 2026 and I don't know how to deal with everything. I wish I didn't have to revoke the certificate everywhere, also because I have no idea where their signature has already spread.
Have you already addressed this issue and do you have any suggestions? I tried to search the net, but it doesn't seem to me that there is the possibility of upgrading the algorithm to existing keys and that it is not even possible to overwrite these same keys.
For the sake of truth, I have to say that these keys continue to work on Android with OpenKeyChain.
write
preview
related posts
0 sats \ 1 reply \ @purpurato 28 Apr
Why don't you create new keys and let the old ones expire? The point with PGP is to be sure that the issuer is actually the real issuer.
reply
0 sats \ 0 replies \ @_Bubble_2009 OP 28 Apr
Why don't you create new keys and let the old ones expire? The point with PGP is to be sure that the issuer is actually the real issuer.
Because I have the doubt that someone can use the old keys and that these people cannot then open the messages because it does not seem to me that Thunderbird accepts an old key.
I'm not completely sure what I wrote above, but I'm afraid it could happen since I haven't revoked the old keys.
reply
0 sats \ 0 replies \ @_Bubble_2009 OP 28 Apr
I've told that keyserver.pgp.com don't accept cv25519 key, but I've one of those key that also keyserver.ubuntu.com reject.
Then, I've also discover that Kelopatra allows you to create keys using usernames of only three letters, but the same keyserver that Kleopatra relies on rejects them.
However, I don't think I've seen a specific git for kleopatra to report this problem.
reply