[Announce] GnuPG 2.2.1 released
ilf at zeromail.org
Tue Sep 19 17:37:51 CEST 2017
Thanks for the release!
> Noteworthy changes in version 2.2.1
Is there a reason the changes defaulting to 3072-bit RSA keys  and
AES-256  from refs/heads/master did not make it into
I would really love to see these changes in wide use - and I fear
waiting for 2.3 will push this back for years for many users.
I really see no argument against making those changes default in 2.2.
OTOH, the NSA is apparently developing a new supercomputer named
"WindsorGreen" believed to attack crypto, probably even "breaking
older/weaker (1024 bit) RSA keys".  Now obviously, this is no proof,
and 2048 bit RSA is still good, but it seems a good reminder to put some
more safety margin between us and powerful attackers. Especially since
these changes apply to newly generated keys, which are often used for
many years to come.
On a sidenote, https://git.gnupg.org/ still links to 1.4, 2.0 and 2.1,
but not 2.2. This could probably be adjusted.
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the Gnupg-devel