Hey sluggers, do you have experience of any problems using gpg's --disable-dsa2 option?
gnupg 1.4.6 is what I am using (Ubuntu 8.04), although later today I should have a chroot for Ubuntu 10.04 if that makes any difference. --disable-dsa2 Enables new-style DSA keys which (unlike the old style) may be larger than 1024 bit and use hashes other than SHA-1 and RIPEMD/160. Note that very few programs currently support these keys and signatures from them. I have only ever given my current key to about three people, and my root master/ private key has an old email address from 12+ years ago which I wish to make disappear. So I am going to create a new master key (pair). Having just re-read the Gnu Privacy Handbook (GPH), it says: "DSA allows a key size up to 1024 bits. This is not especially good given today's factoring technology, but that is what the standard specifies. Without question, you should use 1024 bit DSA keys." Is there any reason I should not use --disable-dsa2 ? tia zenaan -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html