Linux crypto killer apllication
Michel Messerschmidt
lists at michel-messerschmidt.de
Thu May 15 15:26:26 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sven Radde said:
> David Picón Álvarez schrieb:
>> Well, I'm pretty sure if GnuPG had the limit you suggest (2048) it
>> would be legally unusable for some purposes, due to legal guidelines,
>> "best practices", and all that tosh.
> FWIW, german digital signature laws AFAIK mandate a key length of
> exactly 1024 bits even for the strongest class of signatures.
Actually the legal requirements changed this year.
1024 bit RSA and SHA-1 are not sufficient anymore. 2048 bit is
recommended and at least 1280 bit is required (see
http://www.bundesnetzagentur.de/media/archive/12198.pdf for details).
Still I haven't seen any legal requirement beyond 2048 bit RSA/DSA yet.
But the retirement of SHA-1 may become an issue for OpenPGP.
Regards,
Michel
- --
Der tägliche Wahnsinn - http://www.virtualfreedom.de/dtw/
"Rasse" war der Irrglaube des 20. Jahrhunderts, "Sicherheit" ist der des 21.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFILDoCBi3LpOkEzmoRAqj+AKCwwBYBeMGG2hyNUiTshYGoqsZtugCgri82
/RxzertXM/pWvgxziHL6XDM=
=i0pU
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list