> NIST 2012 also recommends similar key sizes (15360 bits).
These are only projections to show that there is a need to switch to EC
keys. Regarding the key size I can only point to the FAQ and the
endless discussions on gnupg-users.
> It is also against the GNU coding standards to have arbitrary limits such
> as these. ("Avoid arbitrary limits on the length or number of any data
The GNU standards partly recommend ideas dating back to a time the
Internet was young and innocent. Nowadays connecting a box to the
Internet means to vulnerable to a wide range of of attacks. Having no
limits on input data and allocating buffer dynamically is a an easy way
to DoS a service.
If you look at GnuPG code you will notice that there is no silent
truncation of lines. If there is one, please report it as a bug.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
