...1.0.7 gonna publish my key / RSA ?

Newton Hammet newton@hammet.net
Thu Sep 26 22:55:01 2002


Hello All,

I am now researching this thing about RSA keys and compatability
with PGP, particularly later versions where it says RSA can be
added for "backward compatability" with older versions of PGP.

Why is PGP discontinuing support for RSA keys?  I can't image there are patent
issues.  I thought the patent expired on Sept 20, 2000 (source: Applied Cryptography).

Does it have to do with patent not expiring overseas?  Is it an ITAR issue?

I am curious, because I like the algorithm, but don't want to use it if it
will cause interoperability problems.

Regards, Newton






Adrian von Bidder wrote:
> 
> [could you consider cutting your lines to something around 72 chars?]
> 
> > (What is
> > he trying to hide?)  I didn't see any others out there with 2048-bit keys, so I wonder.
> 
> I doubt anybody will really notice. 1024 bit are the default right now,
> so most people go with that. There are quite a few bigger keys out there
> - chosing key size is just a question of judging how fast computers will
> get (or if there will be any major maths breakthrough) in the future,
> peoples opinions vary.
> 
> >
> > (William Jefferson Clinton has a 1024-bit key, but Al Gore, (inventor of the internet) does not,
> > apparently... lol)
> 
> Clinton, really!? And who told you this? I hope you've read about the
> idea behind the web of trust, and how to make sure that a key really
> belongs to the 'right' owner. The one key on wwwkeys.pgp.net keyserver
> does not have any signatures on it...
> 
> >
> > Comments are welcome.  I probably won't change from RSA though, cause I like that algorithm. Don't
> > know if DSA or ELGamal are more secure for same key length though. I think ElGamal may be secure
> > even
> > if there is a breakthrough in factoring but only if that does not also mean a breakthrough in
> > finding
> > descrete logarithms.... Don't know.
> 
> Depending on the people you will exchange messages with, you may want to
> double-check for interoperability problems with other openpgp
> implementations (PGP, hushmail) as your key is not the default.
> 
> cheers
> -- vbi
> 
> --
> secure email with gpg                           http://fortytwo.ch/gpg
> 
> NOTICE: subkey signature! request key 92082481 from keyserver.kjsl.com
> 
>   ----------------------------------------------------------------------------------------------------
>                        Name: signature.asc
>    signature.asc       Type: application/pgp-signature
>                 Description: This is a digitally signed message part