Key Transition Letter 2009-05-21

Robert J. Hansen rjh at sixdemonbag.org
Sun May 24 04:15:13 CEST 2009


gpg2.20.maniams at dfgh.net wrote:
> What are the algos that are compromised ? or NOT to be used ? If this is
> too long a list

Sorry to be so late to the party --

As of this writing, no algorithm supported by GnuPG has been
compromised.  Even MD5 is still on its feet.

That said, the SHA-1 and MD5 algorithms are both looking a little shaky,
and generally the recommendation seems to be to move away from those
algorithms.

All other algorithms supported by GnuPG are in good shape.

> I understand that choosing the key size and algo is something personal
> and others cant decide..... but I'm trying to know the choice ....

Please don't do this.  The defaults are the defaults for a very good
reason: they're good defaults.  With the exception of "move away from
SHA1", please do not mess around with the defaults more than you
absolutely have to.





More information about the Gnupg-users mailing list