Draft of nine new FAQ questions
dshaw at jabberwocky.com
Wed May 23 22:12:25 CEST 2012
On May 23, 2012, at 12:18 PM, Robert J. Hansen wrote:
> I have a draft version of nine frequently asked questions ready for
> community review:
> Note that this draft is in nicely-typeset XHTML5. This is to make it
> easier to proofread. The final version that I'm going to submit to
> Werner will be in plain text, so please, no suggestions about fonts,
> visual design, layout, or anything else like that.
> Any and all feedback (save for visual design, layout, etc.) will be
> gratefully accepted. Thank you!
Very nice work.
I have just three minor notes:
#1 explains why we default to 2048-bit keys, but not why RSA. What NIST stated about key strength is true for any 2048-bit OpenPGP key (DSA or RSA). The reason why we switched to RSA in 2009 was mainly for reasons of being able to use a larger primary key. DSA was inherently capped at 1024 bits (and a 160-bit hash), and while DSA2 existed (so we could theoretically have used a 2048-bit DSA key instead of RSA), it was not nearly as widely implemented across the OpenPGP user base as RSA was.
The answer you have for #4 is not exactly wrong, but it is not complete. GnuPG doesn't support 4096-bit keys just because PGP (the product) does. It also supports a range of key sizes because OpenPGP (the standard) does. And it also supports a range of key sizes because people want/need them (local policy for key length, for example, as you note in the answer to #3). GnuPG is a powerful and flexible tool, and that includes the power and flexibility to do things that are not necessarily recommended by the GnuPG developers.
For #10, it might be worth mentioning something about the use of different hash lengths (q) for the different DSA sizes. The two sort of go hand in hand. Or for that matter, perhaps a question #11 "How come my signatures from my 2048-bit DSA key use a different hash than those from my 1024-bit DSA key?" would be interesting.
More information about the Gnupg-users