what are the sub keys
Robert J. Hansen
rjh at sixdemonbag.org
Tue Mar 22 16:28:57 CET 2011

> I agree that 4096 may seem like overkill, but I think the recommendation
> to max out one's RSA key size is defensible. Here's why:

"Defensibility" really doesn't enter into it. My purpose isn't to
persuade someone not to use a 4k key: my purpose is to suggest that people
think critically about why they want a 4k key and what they think it will
give them that a 2k key does not.

> I agree that an awful lot of fuss is made over key length, sometimes to
> the exclusion of other, much more likely attack vectors. However, until
> someone describes for me a compelling reason NOT to bump key length up
> to 4096, my view remains: "Why not?"

And this is where I part ways with you. There is no reason not to bump
key length up to 4096. There is also no reason not to use SHA512 with a
DSA-1k key, for instance. Sure, only 160 bits of SHA512 will be used, but
that's not a reason not to use it. It's not as if you're making the system
weaker.

IME, engineering starting from a base maxim of, "why not?", ultimately
leads to curious things that leave you scratching your head (like the
aforementioned, "why are you using SHA512 with DSA-1K?"). This is why I
would much rather start from a base maxim of, "why?" I'd much rather be
accused of favoring minimalism than maximalism.

More information about the Gnupg-users mailing list