Forum: help-en

Monitor Forum | Start New Thread Start New Thread
RE: Client unable to import public keys [ Reply ]
By: Bernhard Reiter on 2022-05-27 07:38
[forum:8415]
Hi James,

it is possible that there are incompatibilities on the algorithms that can be used
and are indicated in the public keys between implementations (aka products).

To give you some background:
The main standard is the "OpenPGP Message Format"
https://www.rfc-editor.org/rfc/rfc4880
which defines how implementations can exchange key material and messages.

However there are a number of algorithms to chose from and sometimes elder
and newer implementations do not implement all of them. So if one pubkey uses
an algorithm that the other implementation does not offer, it may not work.
For example if you create an ECC key with Curve25519 and the other implementation
can only to RSA it won't work.


So the next step for analysing the problem would be:
a) find our which product and version your clients are using and having problems with.
b) find out which the excat error or diagnostic message is.
c) Look at the detailed parameters of the key you have created, are those
standard settings an ECCs key. You could try with RSA 3072 or 4096 bit key-pairs
which are more backwards compatible with elder implementations.

Note that Gpg4win since 4.0.0 creates ECC keys with Curve25519 by default.

Regards
Bernhard

Client unable to import public keys [ Reply ]
By: james king on 2022-05-26 11:28
[forum:8414]
Hi there,
we have migrated away from symantec PGP onto PGP4Win with Kleopatra and all is going well!!!

one of our clients have said they are unable to import the public keys from one of our users?
i said this is not possible as the keys a universal and our migration over should make any difference!?
i have opened Kleopatra, right clicked my cert > Export to all three file types (asc, gpg & pgp) but after sending it to the client to import, they have said it wont import?

am i being stupid here? is there any reason someone wouldn't be able to import a public key which has been generated and exported from Kleopatra?

the client sent us their pubKey and we imported it just fine.
i have asked them to confirm what software they are using and waiting on a response, but, with my very limited knowledge, i'm quite sure this shouldnt be an issue regardless of their software???

many thanks for any info/suggestions