what are the sub keys

Ingo Klöcker kloecker at kde.org
Wed Mar 23 22:58:38 CET 2011


On Wednesday 23 March 2011, Jeffrey Walton wrote:
> 2011/3/23 Ingo Klöcker <kloecker at kde.org>:
> > On Tuesday 22 March 2011, Jonathan Ely wrote:
> >> Enigmail allows only 1024, 2048 and 4096. I have never heard of
> >> that, but even still I would personally choose the largest key
> >> for the time being till RSA becomes obsolete. Is there anything
> >> larger than 4096 since you mentioned values unknown to me?
> > 
> > Let's see. There's 4097, 4098 and even 4099. And then there's 4100.
> > ;-p
> > 
> > IMHO all those discussions about key sizes are really pathetic.
> > Stick with the defaults or educate yourself by reading the
> > appropriate literature instead of starting one non-sensical
> > discussion after the other on this mailing list. It should be
> > rather obvious by now that key sizes above 2048 are mostly a
> > matter of personal taste and bad judgement.
> 
> Bad judgement or best practice? Some folks must use a key with a 128
> bit security level.
> 
> NIST SP 800-57:
> http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revi
> sed2_Mar08-2007.pdf ECRYPT2 Key Recommendations:
> http://www.ecrypt.eu.org/documents/D.SPA.13.pdf

That's why I wrote "mostly".

I claim that of all 4096 keys that can be found on the public keyservers 
most have been created by people who just went for the highest number. 
Because bigger must be better, right?

http://xkcd.com/538/


Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110323/782cc971/attachment.pgp>


More information about the Gnupg-users mailing list