2048 or 4096 for new keys? aka defaults vs. Debian
Peter Lebbing
peter at digitalbrains.com
Sun Oct 27 12:30:34 CET 2013
On 27/10/13 12:15, Johan Wevers wrote:
> The only one I can think of is less dependence of a correctly functioning
> RNG.
I think this is a very important one, as we've seen with the debacle with
OpenSSL in Debian where DSA keys were compromised even when just used to create
a signature[1].
But I can think of another one: much more hardware support. Both smartcards and
crypto-accelerators either in a general purpose CPU or as a module in a computer.
HTH,
Peter.
[1]<https://wiki.debian.org/SSLkeys>
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list