RSA signing keys
Werner Koch
wk at gnupg.org
Fri Feb 18 16:18:44 CET 2005
On Fri, 18 Feb 2005 15:06:22 +0100, Gregor Zattler said:
> Do you advise to use RSA signing keys with gnupg 1.4.1? Will the
> default key type change?
No. DSS is the default signing algorithm and a MUST for all OpenPGP
applications; thus it is suggested to do that. Not all OpenPGP
applications are able to handle RSA signed messages.
And now please repeat all:
The security of a system is limited by its weakest link!
Does anyone really believe that a collission attack (i.e. a method to
produce 2 different text with the same hash value) is a danger?
I am 100% sure that there are more severe bugs in GnuPG or other
software used during the build and its use that are far easier to
exploit than a 2^69 workload with incredibale amounts of required
storage. Let alone rubber hose attacks and blackmailing.
Shalom-Salam,
Werner
More information about the Gnupg-users
mailing list