On Fri, Jul 10 2009, Werner Koch wrote: > On Fri, 10 Jul 2009 05:52, sriva...@ieee.org said: > >> I have a 4096 bit RSA key -- can I create 2048 or 3072 bit > > 4096 is in fact also supported but that would require major changes in > GnuPG, thus this published limit of 3072 > >> subkeys and only copy these keys to the card? Or will the fact that the >> primary key is 4096 bits stymie the operation? > > That works. > > However, 3072 bit signing had another bug which I fixed this morning. > Thus you need to use the latest SVN.
I can report that 2048 bit RSA subkeys can be generated on the
machine, transferred to the version 2 card, and they work.
However, working with gnupg2 from Thursday VCS, 3072 bit keys
can be created, transferred to the card, and may encrypt files, but
decrypting the file failed with a cryptic "card error".
I am now happy with my 2048 bit keys :-)
manoj
--
UNIX was half a billion (500000000) seconds old on Tue Nov 5 00:53:20
1985 GMT (measuring since the time(2) epoch). -- Andy Tannenbaum
Manoj Srivastava <sriva...@acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
pgpeUQnlyzZ2y.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
