Frank Guthausen <fg.debian@shimps.de> writes:

On Fri, 02 May 2025 15:49:48 +0200 Justus Winter
<justus@sequoia-pgp.org> wrote:

when creating an Ed448 key, GnuPG creates a non-standard artifact:

Which standard/version are you referring to?

I was observing a member of the Debian community creating such an key,
and then unsuccessfully trying to upload it to various key servers, as a pre-requisite to getting it certified by other people. Therefore, I
think GnuPG as packaged by Debian did them a dis-service, and I wanted
to report that.

Being an OpenPGP developer, I expressed this from a very technical
angle, whereas I should have focused on the user experience. For
example, I wouldn't have objected to GnuPG creating a version 4 primary
key using EdDSA over Ed25519, though technically that also is kind of a non-standard artifact [0] even though it was standardized after the fact
[1]. But, it is a widely supported artifact that the user would have
had no problems submitting to key servers and having other software interoperate with.

0: https://datatracker.ietf.org/doc/draft-koch-eddsa-for-openpgp/
1: https://www.rfc-editor.org/rfc/rfc9580.html#section-9.2-6

Best,
Justus

-----BEGIN PGP SIGNATURE-----

wsC7BAEBCgBvBYJoJf0+CRCI3H4zOF95HUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcjAeR+0/eULjkF+KToy/GviVbMV9m0Z/DIAORXePb+ eBYhBCVqTlXkpy2XrSRo54jcfjM4X3kdAACfSAf/aAliazuSQXxwtnQklfeKIteE n2crQjVcFaMv4Qvp6kPZdUdcAjGsUG6QMCR3U4EhDP5XiJotmWUl4CgXV8hF4idR lq7OGihf+DD7N+3IikQi2RZMhTDfjjh5iufSdq5POCcF/zXlJ9DiU5uAWarkG4NT HCW49FRhSp3TZcMU82V7Cr5KyHi41iJGR5ZjI/oFk8rzryBCkZG4yTOFqulHUN84 YkLrrKqPgfAFiK14dyXJQ/LTsM/vLM1t6MtO052Z5CoJRd4FiLi9+QkWKGsxNfRG KUHd5086LVV/ZDEsfnnSxK9fZ3dieJOAxGux8yAQHLQENF4sdgMl7c81xDNksw==
=GvyR
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)