2048 or 4096 for new keys? aka defaults vs. Debian

Robert J. Hansen rjh at sixdemonbag.org
Sat Oct 26 16:30:22 CEST 2013


On 10/25/2013 5:45 PM, Johan Wevers wrote:
> The authority of NIST is of course severely reduced since the
> Snowden revelations and their own suspicious behaviour with the Dual
> EC PRNG.

*To you* they're severely reduced.  Please don't presume to make ex
cathedra statements for the rest of the world.  While I agree that NIST
is certainly not looking good, I'm not going to go so far as to say
their authority or credibility is "severely reduced."

Further, this statement of NIST's is backed by RSA Data Security, which
has issued recommendations that are in much the same line, and various
other consortiums as well.

> Further, if they expect it to be secure for only 25 years, that is 
> sufficient for people to upgrade if they expect to remain alive over
> 25 years

Not even intelligence agencies expect to keep things secret past 25
years.  If you're doing something that must remain secret for more than
25 years, I would recommend thinking about whether you should be doing
those things in the first place.




