"This key may be unsafe"

Jean-David Beyer jeandavid8 at verizon.net
Tue Mar 8 04:09:11 CET 2011

Grant Olson wrote:

> Here's a case where the difference between < and <= is HUGE.
> gnupg 1.4 only switched the defaults from 1024 DSA/ElGamal to 2048
> RSA/RSA in 1.4.10, which isn't even two years old.  I still see plenty
> of boxes in the wild that only have 1.4.9, and not just those ones that
> are old and creaky and people are afraid to reboot for fear of an actual
> hardware failure.
> Like you said, I would avoid creating one that size now, but even just a
> year-and-a-half ago, your mantra of "use the defaults unless you know
> what you're doing" would have resulted in 1024 bit keys for most users.
> Meanwhile, warning about keys < 1024 bit would be a little more
> practical, at least until ECC hits the standard.
I run Red Hat Enterprise Linux 5.6 (the latest of the RHEL5 series) and
they are only up to gnupg-1.4.5-14.el5_5.1, They will probably not move
up until RHEL 6 (that I believe has just recently come out). It looks as
though that one is: gnupg2-2.0.14-4.el6.i686  (for my 32-bit machines);
unless I am confused.

  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key: 9A2FC99A         Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^ 21:50:01 up 4 days, 6:51, 3 users, load average: 4.73, 4.72, 4.92

More information about the Gnupg-users mailing list