intelligent behaviour when signing with backwards compatible key in sign+encrypt operation

pqc-thunderbird / rnp

Manual clone of the repository https://github.com/rnpgp/rnp

Other

0 stars 0 forks source link

intelligent behaviour when signing with backwards compatible key in sign+encrypt operation #45

Closed falko-strenzke closed 3 months ago

falko-strenzke commented 5 months ago

use pq signature key iff recipient has pq key, too? rnp should be able to decide this

falko-strenzke commented 4 months ago

@TJ-91 I think this is what you implemented now in pqc-ui, right? So we can close it.

TJ-91 commented 4 months ago

I implemented it in our Thunderbird fork since Thunderbird implements its own logic.

Edit: Also it's for encryption subkeys (not signature subkeys).

falko-strenzke commented 4 months ago

OK, I see now that I meant something different here: to choose the own signature subkey according to the capabilities of the recipient, which are determined based on whether they have a PQC encryption key etc.

falko-strenzke commented 4 months ago

@TJ-91 thinks about features flags for PQC signature support and inputs result into draft / issue for draft.

TJ-91 commented 3 months ago

It's a general OpenPGP problem. Signaling signature algorithm support is just not intended in OpenPGP. I'm currently not convinced that a PQC / PQC Signature feature flag will solve any real issue.