best practices

Robert J. Hansen rjh at
Wed Dec 15 00:49:03 CET 2010

On 12/14/2010 6:37 PM, Faramir wrote:
>   Well, somebody could think "if they made a 256 bits symmetric algo,
> there should be a reason for that. And since if the asymmetric key is
> broken, the message is decrypted, no matter how strong is the symmetric
> algo, then it makes sense to use something equally strong".

Sure.  But someone could also think, "since they make both high proof
whiskey and fast cars, and they're each perfectly safe, there's no harm
in mixing them."

Thinking, "if they make a 256-bit symmetric algo, there should be a
reason for that," is quite correct as far as it goes.  Thinking its
existence means you need to use it, though, is not.  :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5598 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20101214/33d2c6de/attachment.bin>

More information about the Gnupg-users mailing list