[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from keyring-maint

On Wed, 2010-09-15 at 15:14 +0200, Marco d'Itri wrote:
> I suppose that this was not the result of cargo cult engineering, so if
> these new recommended key values have been selected as the result of a
> process I am curious to know the rationale which lead to the choice.
> It really looks like a simple question to me.

I guess the reason is probably quite easy, isn't it?

- 4096 bit is what can be created with gnupg, without any patching and
it is supported to be used by all major RFC 4880 implementations
(without any patching).

- The primary key should be only used for signing other keys anyways,
and dedicated signing subkeys to sign data. Therefore it's not a big
deal (performance-wise) if the primary is "very large".

- One can clearly expect that computation-power advances, and lower
keysizes won't be enough in the future (even 4096 at some point of

As long as ECC is not available in OpenPGP (and well tested in GnuPG),
it also makes sense to me to suggest RSA instead of DSA1/2.
Attached is a mail from Werner at the metzdowd list, which nicely
explains why.


Attachment: Re: Debian encouraging use of 4096 bit RSA keys.mbox
Description: application/mbox

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to: