have gnupg 1.0.7 gonna publish my key.
Newton Hammet
newton@hammet.net
Thu Sep 26 11:43:22 2002
Hello GnuPG users,
I am getting ready to publish my keyserver to www.keyserver.net... that place looks pretty user
friendly.
So far I have done the following things:
1. Use gpg --gen-key/edit-key to generate a 2048-bit RSA signing only key, with a 2048-bit RSA
encryption only key as a secondary key.
2. Used a passphrase that is probably long and obscure enough make cracking difficult.
(Downside is carpal tunnel typing the damn thing in.)
3. Generated in advance my revoking certificate, and then encrypted it with symmetric-key encryption
and destroyed the unencryped version of the revoke cert.
(I don't want keys rotting out there in keyserverdom because i failed to make a revoke, or forgot
my passphrase, or both... forgetting passphrase is distinct possibility (see (2) above).
Haven't uploaded anything yet. I am prepared to, but notice a lot of people with 1024-bit keys.
Wondering if whether or not I will be drawing lots of attention to myself with a 2048-bit key.
(What is
he trying to hide?) I didn't see any others out there with 2048-bit keys, so I wonder.
(William Jefferson Clinton has a 1024-bit key, but Al Gore, (inventor of the internet) does not,
apparently... lol)
Comments are welcome. I probably won't change from RSA though, cause I like that algorithm. Don't
know if DSA or ELGamal are more secure for same key length though. I think ElGamal may be secure
even
if there is a breakthrough in factoring but only if that does not also mean a breakthrough in
finding
descrete logarithms.... Don't know.
Anyhow....
Regards, Newton