RSA key size restriction?
David Shaw
dshaw at jabberwocky.com
Fri Dec 12 14:27:38 CET 2003
On Fri, Dec 12, 2003 at 09:15:08PM +0200, Maxine Brandt wrote:
> David Shaw wrote:
>
>
> |> | Again, if someone generates such a key, GnuPG will work with it.
> I
> |> | still don't see the need to make it easy to generate them though,
> |> | especially given that if someone wanted it badly enough, they can
> |> | remove the line of code that prevents it themselves.
> |> |
> |> Which line?
>
>
> | Search for "keysize too large" in g10/keygen.c
>
> Thanks, David. That should be good enough for those of us who want to
> generate oversize keys for some reason.
>
> Actually, I agree with the criticism of these large keys, but I have a
> correspondent who refuses all encrypted communication with keys
> smaller than 7680 bits. Paranoia or eccentricity - I'm not sure. I
> have a large RSA v4 key created with a hacked PGP version, but I'm not
> happy with it because it has a v3 signature on the subkey, which
> doesn't seem too reglo for my taste.
V3 subkey signatures are legal, but certainly a bit odd.
Out of curiosity, do you know how or why your correspondent came up
with 7680 bits in particular?
David
More information about the Gnupg-users
mailing list