Draft of nine new FAQ questions
Robert J. Hansen
rjh at sixdemonbag.org
Wed May 23 22:45:30 CEST 2012
On 5/23/12 4:12 PM, David Shaw wrote:
> #1 explains why we default to 2048-bit keys, but not why RSA.
Fixed, thank you.
> The answer you have for #4 is not exactly wrong, but it is not
> complete. GnuPG doesn't support 4096-bit keys just because PGP (the
> product) does. It also supports a range of key sizes because OpenPGP
> (the standard) does.
I don't want to seem argumentative (especially because I haven't looked
at the RFC lately), but I was under the impression the RFC was mostly
silent on the subject of algorithms and key sizes -- DSA being a MUST
algorithm, but little guidance beyond that. Am I in error?
(That said, the text has been fixed: thank you.)
> For #10, it might be worth mentioning something about the use of
> different hash lengths (q) for the different DSA sizes. The two sort
> of go hand in hand. Or for that matter, perhaps a question #11 "How
> come my signatures from my 2048-bit DSA key use a different hash than
> those from my 1024-bit DSA key?" would be interesting.
More information about the Gnupg-users