Comment 0 for bug 2055193

I don't know if this will land before the feature freeze but I'm filing this in any case:

Our goal for 24.04 is to reject 1024-bit RSA repository signing keys. Work is ongoing in Launchpad to allow dual-signing PPAs and then resign all PPAs with a 4096-bit key.

This needs the following changes:

1) The gnupg upstream commit for https://dev.gnupg.org/T6946 needs to be backported
2) APT needs to learn to pass the argument if supported
3) APT needs to learn to interpret the output
4) APT possibly may have to learn to issue warnings instead of errors for weak keys and pass the URL to the gpgv method to allow 1024-bit RSA keys over TLS connections, in case there are unforeseen issues with the PPA migration.

Signing key policy: We would like to adopt a signing key policy of

rsa>2048,ed25519,ed448

As a result we would like to reject

- RSA keys below 2048 bits
- DSA keys
- Unsafe ECC keys:
  - NIST P-{256,384,521}
  - Brainpool P-{256,384,512}
  - secp256k1

Notes:
- DSA keys are not possible to use anymore due to the deprecation of SHA1 that happened years ago
- NIST and Brainpool and secp256k1 are not very popular, https://safecurves.cr.yp.to/ lists all of them as unsafe. It is believed they have backdoors. Some FIPS customers may prefer them over Ed25519 and Ed448 as they have been approved longer, so it's possible fips support packages could reenable them by setting the correct apt.conf setting in a snippet.