On Tue, 15 Oct 2019 15:17, Robert J. Hansen said: > * Every reference to the SKS keyserver network now points to > keys.openpgp.org. Reason: the SKS attacks a few months ago.
I have to object against this change. The SKS server network is still useful and definitely more useful than an non-matured and centralized keyserver. I am okay with removing explicit reference to the SKS network for now but suggesting the use of that specific keyserver is a no-go. > * All references to 2048-bit crypto are updated to refer to 3072-bit > crypto. Reason: GnuPG now defaults to 3072-bit RSA. Okay. But this +your certificate uses 2048-bit keys we recommend retiring them and +migrating to a new keypair of at least 3072 bits length. You can do is a no-go because we will have a hard to time to convice people that this is just a geek suggestion and that for almost all general use of gpg the existsing keys are still fine. Actually 2k keys are still allowed in Germany for restricted communication and there is no need for an immediate rush to 3k. I also wonder why you removed this -If you need more security than RSA-2048 offers, the way to go would be -to switch to elliptical curve cryptography — not to continue using -RSA. GnuPG's future default is already ECC and some hosted mail services are already creating such keys. GnuPG will switch to that with 2.3 which is not that far away. > (Note: I just committed the FAQ changes. It may take a couple of days > for the documentation on the website to be regenerated.) That is a matter of minutes. I only had a brief look at it but I can't see that your changes are subject to frequently asked questions here. The GnuPG FAQ is for all GnuPG users and should not again start reflect the view of some crypto geeks or give advises which will lead only to trouble. I am sorry for having to write these harsh comments: In contrast to discussions on the mailing list the FAQ reflects the opinion of the GnuPG project and as such substantial changes need to be discussed first. I would suggest to create a branch and revert the changes in master until an agreement has been reached. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users