Signature key length limitations

Aaron Lehmann
Wed Aug 21 04:45:01 2002

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Aug 20, 2002 at 07:32:02PM -0700, Len Sassaman wrote:
> > I want to generate a signature key that's longer than 1024 bits.
> > However, this isn't allowed by the DSA standard, and GPG tells me that
> > using ElGamal for signature keys is "deperecated". While GPG doesn't
> > say the same thing about RSA, it seems unusual to be generating RSA
> > OpenPGP keys in the 21st century.
> Why? It makes more sense to use RSA keys now than it did last decade, when
> there were patent problems.

I think I'm confusing RSA keys and PGP2 keys.

RSA is a great cryptosystem and I have nothing against it.

However, I don't like the constraints that used to be placed on RSA
keys back when PGP only supported RSA.

If I generate a RSA key with a modern OpenPGP implementation (GPG),
will it act like old-style PGP RSA keys? For example, will MD5 or
SHA-1 be used as the hash function for signature generation?

Will PGP5 and up interoperate with GPG-generated RSA keys?

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.7 (GNU/Linux)