1024-3072 bit OpenPGP cards
dshaw at jabberwocky.com
Mon Jul 20 19:57:43 CEST 2009
On Jul 18, 2009, at 5:54 AM, Philipp Schafft wrote:
> On Fri, 2009-07-17 at 11:26 +0200, Werner Koch wrote:
>> 2) Always ask for the key size and use as default the current size.
>> Show a warning notice if the user entered a different size.
>> 3) Same as 2 but do this only with --expert.
>> 4) Add a new command "keysize" to manually set the keysize for each
>> key. Print a warning notice before key generation if the key
>> of the card are not all the same and tell the user about the
> I vote for 3+4:
> while using --expert you get asked every time, this is good for
> as they know the problems. But as --expert is normaly the wrong
> there need to be a better way to set it, even without --expert. This
> be done by a additioal command (btw. I would use something including
> 'card' in the command name).
My problem with a "keysize" command (#4) is that it makes key
generation into two steps. First the user must run "keysize", and set
the size they want (and if the size isn't supported, they will get an
error). Then they must generate the key.
#2 just combines the "keysize" and "generate" functions into a single
command, as people are used to from regular key generation.
More information about the Gnupg-devel