Changing GPG's default key type

David Shaw dshaw at jabberwocky.com
Mon May 4 19:00:53 CEST 2009


On May 4, 2009, at 11:50 AM, Daniel Kahn Gillmor wrote:

> On 05/04/2009 10:40 AM, David Shaw wrote:
>> Currently, GPG's default key type, the one that is recommended to all
>> new users, is a DSA primary key (1024 bits - not "DSA2") with an  
>> Elgamal
>> subkey.  We are currently thinking about changing the default  
>> primary to
>> a 2048-bit RSA key.
>
> I fully support this change.  FWIW, openssh has been defaulting to
> 2048-bit RSA keys for several years now, and has a similarly diverse
> array of tools with which it must interoperate.  I've seen no
> significant problems reported on openssh-unix-dev since the  
> changeover.

I didn't know it when I first proposed the idea, but it seems that PGP  
desktop also switched over to a RSA default a version or two back as  
well.

David




More information about the Gnupg-devel mailing list