FAQ: Re: key length
Robert J. Hansen
rjh at sixdemonbag.org
Sun Aug 3 03:47:40 CEST 2014
> This makes me curious: Is there an example for an OpenPGP
> implementation that only support <= 2048-bit RSA keys? Still in
> usage?
Yes. My smartcard, for instance, only supports 2048-bit RSA. Larger
keys can't be migrated to them.
> I haven't read the ENISA recommendation in full length. If they
> allow 2048 bit for old applications or up to a specific point, it
> would be an improvement to say so. It may make sense to directly link
> to their recommendation paper.
I'll see about digging up a specific reference.
> You may consider using a different word here. As someone who speaks
> English as a foreign language, I had to look "imminently" up to be
> sure about its meaning.
Easy enough to accommodate. :)
> Wasn't there something about the current OpenPGP smartcards only
> being able to deal with 3072-bit keys?
Some can support 3072-bit RSA. Many can only do RSA-2048.
> I recommend to leave out the next question and answer, it does not
> add much significant information.
Eh. I think it has a point, but I can definitely work on making that
point more clear.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20140802/c7025336/attachment.bin>
More information about the Gnupg-devel
mailing list