[Bug 2090995] Re: gnupg2 is not OpenPGP compliant
Ural Tunaboyu
2090995 at bugs.launchpad.net
Thu Jul 10 20:04:48 UTC 2025
Ubuntu 24.10 (Oracular Oriole) has reached end of life, so this bug will
not be fixed for that specific release.
** Changed in: gnupg2 (Ubuntu Oracular)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnupg2 in Ubuntu.
https://bugs.launchpad.net/bugs/2090995
Title:
gnupg2 is not OpenPGP compliant
Status in gnupg2 package in Ubuntu:
Fix Committed
Status in gnupg2 source package in Noble:
New
Status in gnupg2 source package in Oracular:
Won't Fix
Status in gnupg2 source package in Plucky:
Fix Committed
Bug description:
[Impact]
GnuPG 2.4 defaults to generating keys that are incompatible with other OpenPGP implementations, following a schism in the OpenPGP community leading to GnuPG upstream to declare its own LibrePGP "standard".
We should revert these changes such that keys generated on 24.04 are
interoperable again.
[Test Plan]
TBD
[Where problems could occur]
Particularly concerning would be an inability to verify signatures from keys previously generated on 24.04; our test plan should ensure that a v5 key's signatures can still be verified after we switch back to v4 keys by default.
There are some unknowns in how users might have come to rely on some
v5-only features that are once again hidden behind an option, like the
ed448 keys.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/2090995/+subscriptions
More information about the foundations-bugs
mailing list