1024-bit signing keys should be deprecated
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Launchpad itself | Fix Released | Undecided | Unassigned | |
apt (Ubuntu) | Invalid | Undecided | Unassigned | |
gnupg2 (Ubuntu) | Confirmed | Undecided | Unassigned | |
Bug Description
1024-bit RSA was deprecated years ago by NIST[1], Microsoft[2] and more recently by others[3].
1024-bit signing keys are insufficient to guarantee the authenticity of software distributed from Launchpad.net including PPAs. There should be a mechanism to refuse signing keys below a minimum key length based on key type. 1024-bit signing keys should be deprecated and removed from Launchpad.net itself ASAP. Future projects and PPAs should be disallowed from using 1024-bit signing keys.
1. http://
2. http://
3. https:/
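One way the requested "minimum key length based on key type" check could look, as an added example that is not part of the original report and not Launchpad's code. It parses `gpg --with-colons --list-keys` output; the thresholds in `MIN_BITS`, the function name and the sample listing are assumptions made for illustration.

```python
# Added example: policy check over `gpg --with-colons --list-keys` output.
# Field layout (GnuPG doc/DETAILS): 1=record type, 3=key length,
# 4=public-key algorithm id, 5=key id, 12=capabilities.

# OpenPGP public-key algorithm ids that this policy allows for signing.
ALGO_NAMES = {1: "RSA", 3: "RSA", 17: "DSA", 19: "ECDSA", 22: "EdDSA"}

# Assumed policy, not Launchpad's: minimum bits per key type.
# gpg reports 255 as the length of an ed25519 key.
MIN_BITS = {"RSA": 2048, "DSA": 2048, "ECDSA": 256, "EdDSA": 255}

def weak_signing_keys(colon_listing, min_bits=MIN_BITS):
    """Return [(key_id, algo, bits, reason)] for signing-capable keys that fail policy."""
    rejected = []
    for line in colon_listing.splitlines():
        f = line.split(":")
        if f[0] not in ("pub", "sub") or len(f) < 12:
            continue
        # Lowercase s/c: this particular key can sign data / certify keys.
        if not set(f[11]) & {"s", "c"}:
            continue
        try:
            bits, algo_id = int(f[2]), int(f[3])
        except ValueError:
            rejected.append((f[4], "?", 0, "unparseable length or algorithm"))
            continue
        algo = ALGO_NAMES.get(algo_id)
        if algo is None:
            rejected.append((f[4], str(algo_id), bits, "algorithm not on allow-list"))
        elif bits < min_bits[algo]:
            rejected.append((f[4], algo, bits, f"below {min_bits[algo]}-bit minimum"))
    return rejected

# Constructed sample listing (key ids and timestamps are made up).
SAMPLE = """\
pub:-:1024:17:AAAAAAAAAAAAAAAA:1100000000:::-:::scESC::::::23::0:
sub:-:2048:16:BBBBBBBBBBBBBBBB:1100000000::::::e::::::23:
pub:-:1024:1:CCCCCCCCCCCCCCCC:1200000000:::-:::scESC::::::23::0:
pub:-:4096:1:DDDDDDDDDDDDDDDD:1500000000:::-:::scESC::::::23::0:
pub:-:255:22:EEEEEEEEEEEEEEEE:1600000000:::-:::scSC:::::ed25519:::0:
"""

if __name__ == "__main__":
    for key_id, algo, bits, reason in weak_signing_keys(SAMPLE):
        print(f"REJECT {key_id} {algo}-{bits}: {reason}")
```

Encryption-only subkeys are skipped on purpose, since the report is about signing keys; unknown algorithms are rejected rather than passed, so the check fails closed.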
information type: | Private Security → Public Security |
description: | updated |
tags: | added: encryption needs-update security vulnerability |
Changed in apt (Ubuntu): | |
status: | Invalid → Confirmed |
Changed in launchpad: | |
status: | New → Confirmed |
assignee: | nobody → wachirapranee tesprasit (tatar28) |
Changed in apt (Ubuntu): | |
assignee: | nobody → wachirapranee tesprasit (tatar28) |
Changed in gnupg2 (Ubuntu): | |
assignee: | nobody → wachirapranee tesprasit (tatar28) |
Changed in launchpad: | |
status: | Confirmed → Fix Released |
Changed in apt (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in gnupg2 (Ubuntu): | |
status: | Confirmed → Fix Released |
description: | updated |
description: | updated |
Changed in launchpad: | |
assignee: | wachirapranee tesprasit (tatar28) → nobody |
Changed in apt (Ubuntu): | |
assignee: | wachirapranee tesprasit (tatar28) → nobody |
Changed in gnupg2 (Ubuntu): | |
assignee: | wachirapranee tesprasit (tatar28) → nobody |
Changed in launchpad: | |
status: | Fix Released → New |
Changed in apt (Ubuntu): | |
status: | Fix Released → Invalid |
Changed in gnupg2 (Ubuntu): | |
status: | Fix Released → Confirmed |
+1, I agree that this is very important.