[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Moving to stronger keys than 1024D

On Sat, Oct 5, 2013 at 7:02 AM, Aníbal Monsalve Salazar wrote:

> It has been considered irresponsible to use 1024D keys at this point in
> time.
> What are the plans to disable 1024D keys?

There are more people using 1024-bit keys than >= 2048-bit keys (in
debian-keyring.gpg), many of these are active developers, some not so
active. It would be a major human resources issue for Debian to
disable all of those keys but I guess it is the only way to get people
to migrate to stronger keys.

    654 pub   1024D
      1 pub   1024R
     27 pub   2048R
      2 pub   3072R
    306 pub   4096R
      2 pub   8192R
      1 pub   10240R

> If you think SHA1 is still safe

I note that OpenPGP V4 fingerprints are SHA-1 and OpenPGP V5 doesn't exist yet.



Reply to: