Discussion: BUG #17026: Deprecate 1024-bit DSA PGP Keys (Disallowed by NIST since 2011)
BUG #17026: Deprecate 1024-bit DSA PGP Keys (Disallowed by NIST since 2011)
From
PG Bug reporting form
Date:
The following bug has been logged on the website:

Bug reference: 17026
Logged by: Michael Altfield
Email address: postgresql_2021@michaelaltfield.net
PostgreSQL version: Unsupported/Unknown
Operating system: CentOS7
Description:

Hello,

Can you please upgrade your PGP key to use 4096-bit RSA?

https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-12

The above-linked PGP key for PostgreSQL v12's yum repo is as follows

user@disp1656:~$ wget https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-12
--2021-05-19 17:19:07-- https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-12
Resolving download.postgresql.org (download.postgresql.org)... 87.238.57.227, 147.75.85.69, 72.32.157.246, ...
Connecting to download.postgresql.org (download.postgresql.org)|87.238.57.227|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1722 (1.7K) [application/octet-stream]
Saving to: ‘RPM-GPG-KEY-PGDG-12’

RPM-GPG-KEY-PGDG-12 100%[===================>] 1.68K --.-KB/s in 0s

2021-05-19 17:19:08 (22.8 MB/s) - ‘RPM-GPG-KEY-PGDG-12’ saved [1722/1722]

user@disp1656:~$ sha256sum RPM-GPG-KEY-PGDG-12
991821e20c4af66314b023db867c7ee8d593f249b9732cbacba7bcd7b25e9604 RPM-GPG-KEY-PGDG-12
user@disp1656:~$ gpg RPM-GPG-KEY-PGDG-12
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub   dsa1024 2008-01-08 [SCA]
      68C9E2B91A37D136FE74D1761F16D2E1442DF0F8
uid           PostgreSQL RPM Building Project <pgsql-pkg-yum@postgresql.org>
sub   elg2048 2008-01-08 [E]
user@disp1656:~$

First-of-all, can you please confirm that the above PGP key is the correct, official PGP key that the PostgreSQL team uses to sign their releases?

Second, as you can see from the above output, the key is dsa1024. This is extremely surprising because 1024-bit DSA keys became "Disallowed" by NIST a decade ago in Special Publication 800-131A:

https://csrc.nist.gov/publications/detail/sp/800-131a/archive/2011-01-13

Unfortunately, my organization takes security very seriously, and since 1024-bit DSA signatures have been recognized by the security community to be untrustworthy for over 10 years, we cannot use PostgreSQL because the supply chain can't be trusted.

The solution to this is pretty simple: rotate your keys to the modern standard key type and size. I recommend using 4096-bit RSA keys for both signatures and encryption.

Please formally deprecate your old PGP keys using 1024-bit DSA and replace them with a keypair that uses 4096-bit RSA.

After minting your replacement keys and before they're formally used, you should publish a cryptographically-signed statement indicating the change and sign it with both the old key and the new key. For an example of such a statement, see:

https://tech.michaelaltfield.net/2017/10/01/gpg-key-transition-statement/

Please let me know if you have any questions or concerns about the PGP keys and release signatures.

Thank you,

Michael Altfield
https://www.michaelaltfield.net
PGP Fingerprint: 0465 E42F 7120 6785 E972 644C FE1B 8449 4E64 0D41

Note: If you cannot reach me via email, please check to see if I have changed my email address by visiting my website at https://email.michaelaltfield.net
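
An added example, not part of the original report or of PostgreSQL's tooling: the key-type check the report performs by eye on the `gpg` listing, written as a script over GnuPG's machine-readable colon format so it can gate a repository key before import. The `MIN_BITS` floor of 2048, the function names, and the epoch timestamps and all-zero subkey ID in the sample are assumptions constructed here.

```shell
#!/bin/sh
# Added example: flag undersized RSA/DSA/Elgamal keys in `gpg --with-colons`
# output read from stdin. MIN_BITS is an assumed policy floor, not a value
# taken from the report.
MIN_BITS=${MIN_BITS:-2048}

audit_key_strength() {
    awk -F: -v min="$MIN_BITS" '
        # OpenPGP public-key algorithm ids: 1 = RSA, 16 = Elgamal, 17 = DSA.
        # ECC algorithms are skipped: their bit lengths are not comparable.
        BEGIN { name[1] = "rsa"; name[16] = "elg"; name[17] = "dsa"; weak = 0 }
        # pub = primary key, sub = subkey.
        # Field 3 = key length, 4 = algorithm id, 5 = key id, 12 = capabilities.
        ($1 == "pub" || $1 == "sub") && ($4 in name) {
            verdict = ($3 + 0 < min) ? "WEAK" : "ok"
            if (verdict == "WEAK") weak++
            printf "%s %s %s%d caps=%s %s\n", verdict, $1, name[$4], $3, $12, $5
        }
        # Non-zero exit status lets a provisioning script refuse the key.
        END { exit (weak > 0 ? 1 : 0) }
    '
}

# Constructed sample mirroring the listing in the report (dsa1024 primary,
# elg2048 subkey). The primary key id is the low 64 bits of the fingerprint
# shown there; timestamps and the subkey id are placeholders.
sample_colons() {
    cat <<'EOF'
pub:-:1024:17:1F16D2E1442DF0F8:1199750400:::-:::scaESCA:
fpr:::::::::68C9E2B91A37D136FE74D1761F16D2E1442DF0F8:
uid:-::::1199750400::::PostgreSQL RPM Building Project <pgsql-pkg-yum@postgresql.org>:
sub:-:2048:16:0000000000000000:1199750400::::::e:
EOF
}

sample_colons | audit_key_strength || echo "policy violation: weak key(s) found"
```

With GnuPG installed, the same function reads a real key file via `gpg --show-keys --with-colons RPM-GPG-KEY-PGDG-12 | audit_key_strength`.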