Generating a new key
kgo at grant-olson.net
Sun Mar 21 04:33:59 CET 2010
On 3/20/2010 11:22 PM, Doug Barton wrote:
> Yes, that's a consideration, however in 5 years we'll have had at least
> 2 iterations of Moore's Law, and in my experience so far I do much more
> signing than I do encryption.
> Thanks for the review. :)
I stumbled on this wikipedia page a few weeks ago:
I'm not sure how up-to-date the info is, but it basically says that even
with Moore's law, 2048 bit keys should be good until 2030.
I would think if you want to future-proof anything, it'd be the primary
key. You can create a separate signing subkey with a more reasonable
bit length. And then if you need to crank up the signing/encryption key
bit-lengths in the future, you can create new subkeys and expire the old
ones, and you'll keep all your signatures on the existing primary key.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 552 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users