Right, there's a missing error message or two somewhere, but the underlying problem is that NSS doesn't support "extended DSA" from FIPS 186-3. In more practical terms, it means that rpm doesn't support DSA with > 1024 key sizes, whereas GPG apparently defaults to 2048bits nowadays.
Right, there's a missing error message or two somewhere, but the underlying problem is that NSS doesn't support "extended DSA" from FIPS 186-3. In more practical terms, it means that rpm doesn't support DSA with > 1024 key sizes, whereas GPG apparently defaults to 2048bits nowadays.
Here's the NSS bug: https:/ /bugzilla. mozilla. org/show_ bug.cgi? id=475578, doesn't seem to be a whole lot happening on it :-/
In the meanwhile, either limit the DSA key to 1024 bits or use RSA keys.