DSA2 key compatibility

Dennis K dennisk at netspace.net.au
Wed May 26 10:44:11 CEST 2010


Hello all,

I've got a question regarding which signing key I should choose.

As I understand it, 1024 bit DSA keys are no longer recommended, which
leaves two options.  Larger RSA keys or DSA2 keys.  I've read stuff
about DSA2 being new and not yet widely supported, but that material is
from 2006.  I've also read that RSA is not necessarily required to be
supported by an OpenPGP implementation.

My question basically is, is using a DSA2 signing key going to cause
compatibility problems, or is it pretty much universally supported now.

Also, should I just keep using my existing DSA 1024 bit key and enable
DSA2 within GnuPG as I'm doing now, or is it much better to generate a
new one.

I would like to use DSA2, but am worried about compatibility issues.
Are these concerns valid any more?

I figure the user list would be able to give clear information.
However, a little further research seems to suggest that RSA keys for
signing would be more secure.


Thanks,
Dennis




More information about the Gnupg-users mailing list