-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03.05.2012 21:09, Robert J. Hansen wrote: > On 05/03/2012 01:14 PM, Ali Lown wrote: >> Does anyone know why the limit is set at 4096 bits > > The consensus of the cryptographic community is that beyond 3K keys > you really need to be switching to elliptical-curve cryptography. > A 3K RSA or Elgamal key is roughly as difficult to break by > brute-force as AES128, and that one's so hard that nobody with two > brain cells to rub together is going to try it. > > Although I am not a GnuPG developer, I have never heard anything > from the core devs which would make me think they are planning on > revisiting this limit to allow for extraordinarily large keys.
Although GnuPG won't allow generation for larger keys than 4096 bits without some hacking it will actually import and use such keys without any modifications being needed (could try to import e.g. [1] from [2]). So in that sense there seems to be some difference to the reported behavior to ssh-agent. Now, whether such a large key is really useful, that is indeed another question. [1] https://www.kfwebs.net/pgp/pubkey-large.txt [2] http://www.kfwebs.net/news/603/15360-bit-OpenPGP-key - -- - ---------------------------- Kristian Fiskerstrand http://www.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Corruptissima re publica plurimæ leges The greater the degeneration of the republic, the more of its laws - ---------------------------- This email was digitally signed using the OpenPGP standard. If you want to read more about this The book: Sending Emails - The Safe Way: An introduction to OpenPGP security is now available in both Amazon Kindle and Paperback format at http://www.amazon.com/dp/B006RSG1S4/ - ---------------------------- Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJPotthAAoJEBbgz41rC5UIdSkQAIZ7h8aRF+pYjeOC1coPcnnP 6ZzU8gbYHlxD8V5nqgv09eQZ8R7iqSz2nXCW3uT4SYrNFs4dLQWqC64IGW419mfv 3RD66lEZx0iKukzmzSWeLhjGBECyhbQfSoKG8i78OXZPP8eUFziddheQMQix7yyK wRcMNl1Rk0FoytlL7/DJOIzVrGJkwMeeZ+kgYunNlk+KokavW66eH0F837y3TmNi M08JAgSXbogoDTP4y8opmnRjES8WdkvZHaOUkYN3YSPpMet7hCX8uyfGyJXDV+gi l79f0ltLiEFj7IYYSXVKsJ2c28tEkDBMcz/meYoy4W0kEReuAKM5Kn+OJoSrMTHI 8pfNeBMiYmvpJjHptvxtQNT8G/OEsXQfzsJl34FrWxrHFqHH8v445L+yryDRJzNd Xy/AWPqpz51RuLYpcLnYmBKt4630hdmnCJf5DSPh4mrnpDFry/ekL5nFXjKPTEq8 AdsyK9JVGKtxerS+OEGeHc6zKIcM6edZNiByyDMwwf8SsJeoq92N/4fO839FapZj nmlow5lqGPMotrO2im4HzgWDXnRzmUbJJfsDsCRZYzIewT1Y9F313RQdP4taMQhB lr1aDM5xrft4mnkKRMwHvNVBpWFdP04P1DaOdV5FTj1kJpDqmzD6U+bvKf6Sh/W4 e21RSyf988sHPzn93GGg =FS9I -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users