GnuPG cryptographic defaults on the 2.2 branch
ilf at zeromail.org
Fri Sep 22 10:17:07 CEST 2017
Robert J. Hansen:
> But "it costs very little to get more margin", when our margin is
> already a factor of a *billion* stronger than it needs to be, is just a
> nonstarter. If a billion isn't enough for you, then what is?
Yes, but this is *now*. But I am arguing for the future in a dozen or
We're talking about defaults that will be used until the 2.3 release -
that might be years. (2?)
Even the last 2.2 before 2.3 will be used by distributions years after.
People generate keys with that 2.2 that will be used for encryption
years after they are generated. (5?)
And *that* encryption should still be considered strong against attacks
at least a decade after the initial encryption, in some cases way more
That's a lot of assumptions about the future here, but I do think those
values to be reasonable. So we're deciding *now* on what should have
enough safety margin for in 20 years. Looking at the last 20, I'd rather
be safe than sorry.
> There are some very good justifications to move to RSA-3072:
Well we agree on that. :)
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the Gnupg-devel