I recently, generated a new keypair (GPG4win), and the defaults presented where
RSA/2048. I did, some digging around on the RSA vs DSA thing and RSA still seems
to be the recommended way to go, the only thing I did was up my key size to
4096 I left all the other defaults.....
On Monday, June 23, 2014 11:52 PM, Werner Koch <w...@gnupg.org> wrote:
>
>
>On Tue, 24 Jun 2014 05:55, fr...@frase.id.au said:
>
>> rounds today. Quite a lot of good info, especially regarding key
>> strength and expiry, and digest preferences.
>
>Just for the records: _I_ do not consider the use of a 4096 bit RSA key
>and a preference for SHA-512 a best practice. For a secure system it is
>important to make the system stronger and not parts of the system which
>will never be attacked in real life. Granted, there are user with a
>need for non default algorithms, but those users have the resources to
>develop a security policy which fits their use case.
>
>How does a help 4096 key help if I can send you an encrypted mail which
>will lock up your MUA until you kill it (unless your MUA has some kind
>of timeout mechanism). There are more important things to be made
>stronger than the key size.
>
>
>Salam-Shalom,
>
> Werner
>
>--
>Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
>
>_______________________________________________
>Gnupg-users mailing list
>Gnupg-users@gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
>
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
