howto secure older keys after the recent attacks
Philippe Cerfon
philcerf at googlemail.com
Thu Sep 10 16:51:05 CEST 2009
Hi Robert.
On Thu, Sep 10, 2009 at 3:59 PM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> Not really. If there were good reasons to believe OpenBSD's entropy
> collector was better than Linux's, the Linux crew would fix the code,
> maybe even borrowing OpenBSD's entropy collector.
Ah,.. right... it was the other way round it didn't work (GPL2 to BSD ;) )
>> -Currently the default (and I assume suggested) algorithm is RSA,
>> right? How does DSA2 compare with it?
> Arguing whether RSA or DSA2 is better is kind of like arguing whether
> King Kong or Godzilla is better at stomping cities flat.
One should perhaps count in all the King Kong vs. Godzilla moviews,..
who has won more often? ;-)
>> I once read, that RSA would
>> provide a hash algorithm armor which the DSA's wouldn't have. Is this
>> still true?
>
> Yes. No. Not really. Kind of.
ooook... ^^
>> should lead to about the same "strenght"...
>
> Beware of those numbers. I don't know anyone who takes them seriously.
> They are conjecture and speculation. Educated conjecture and
> speculation, sure: some of the brightest minds out there worked on the
> conjecture and speculation -- but they're still conjecture and
> speculation.
>
> That said, there's nothing wrong with using those numbers as long as you
> remember that they're conjecture.
Ok,.. I see.
> If memory serves, the key generation code is identical between the 1.4
> and 2.0 branches.
Thanks :)
Philippe.
More information about the Gnupg-users
mailing list