At 05:38 PM 03/23/2002 -0800, Lucky Green wrote: >While the latter doesn't warrant comment, one question to ask >spokespersons pitching the former is "what key size is the majority of >your customers using with your security product"? Having worked in this >industry for over a decade, I can state without qualification that >anybody other than perhaps some of the HSM vendors would be misinformed >if they claimed that the majority - or even a sizable minority - of >their customers have deployed key sizes larger than 1024-bits through >their organization. Which is not surprising, since many vendor offerings >fail to support larger keys.
While SSL implementations are mostly 1024 bits these days, aren't PGP Diffie-Hellman keys usually 1536 bits?