2048 or 4096 for new keys? aka defaults vs. Debian

Robert J. Hansen rjh at sixdemonbag.org
Sun Oct 27 18:36:25 CET 2013

On 10/27/2013 12:47 PM, Filip M. Nowak wrote:
> All this comes with a price of
> increased processing power requirement and most of the hardware vendors
> are doing really good here (really happily).

In the embedded space it's still quite common to see 8-bit processors
used as PICs.  We're just beginning to make the migration to 32-bit
processors, but it's going to be a long, long transition: there's a huge
installed base that will only get replaced when old chips fry and burn out.

Consumer-grade hardware is a decadent Garden of Eden.  However, the tiny
little processor that monitors chemical levels at your local water
treatment plant is going to be embarrassingly low-powered.

Given GnuPG aims to support even some of those bits of hardware (and I'm
glad of it -- some of those installations need confidentiality,
integrity and assurance even more than I do!), I'm happy the GnuPG
defaults are the way they are.

> On the other hand, one of the conclusions that Mr Schneier...

Just once, I'd love to hear someone say "Kelsey advises" or "Boneh
thinks" or "Ferguson has opined that..."

The world of computer security is a lot larger than Bruce Schneier.
He's good, absolutely, but really.  Open your eyes a little and read
more of the literature.  There's a ton of good stuff out there, and a
lot of it disagrees with Bruce.

More information about the Gnupg-users mailing list