Generating a new key

Doug Barton dougb at
Sun Mar 21 04:22:12 CET 2010

On 03/20/10 19:15, Robert J. Hansen wrote:
> On 3/20/2010 9:09 PM, Doug Barton wrote:
>> Here are my choices for the various options, I'm curious if anyone sees
>> anything glaringly horrible about them. :)
> ObAdvice: it's probably best to stick with the defaults unless you've
> got clear needs the defaults don't meet.  Or, if you just like to tinker
> around with things.  

Guilty. :)

>> Here is where I differ from the defaults. I understand the argument
>> about a 1,000 meter wall vs. a 100,000 meter wall, however the larger
>> key doesn't make any appreciable difference to the encrypted file size,
>> and I like the idea of having an encryption key large enough that I
>> don't have to worry about things staying encrypted for the foreseeable
>> future.
> Large keys like this may give you some headaches down the road.
> Increasingly, we're moving to a handheld culture: whether a BlackBerry,
> an iPhone or an Android, the cell phone is becoming increasingly
> important as an electronic communications tool.
> It's reasonable to think that in the next five years OpenPGP will come
> to cell phones in one way or another.  If so, you will discover that 4k
> encryption keys are painfully slow on handheld devices.

Yes, that's a consideration, however in 5 years we'll have had at least
2 iterations of Moore's Law, and in my experience so far I do much more
signing than I do encryption.

Thanks for the review. :)



	... and that's just a little bit of history repeating.
			-- Propellerheads

	Improve the effectiveness of your Internet presence with
	a domain name makeover!

More information about the Gnupg-users mailing list