riseup.net OpenPGP Best Practices article

Robert J. Hansen rjh at sixdemonbag.org
Thu Jun 26 17:39:13 CEST 2014

> The goal of this document is to encourage people to make sure that 
> crypto is not the weak point in their communications.

If that's your criteria, RSA-1024 is sufficient.  Real systems are so
exploitable that crypto is never the weak point.

> Please read Bernstein's paper suggesting larger keysizes as a
> defense against common parallel constructions (one form of speedup):

I have.

> We can (and should) push on all of these fronts concurrently.

It must be nice to live in a world where you have unlimited resources to
direct to such efforts.

Pick and choose your battles.  At even RSA-1024, crypto is not going to
be the weak link in your system.  If your criteria is truly, "make sure
that crypto is not the weak link," then this entire discussion is moot:
any certificate GnuPG creates will do.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140626/721a20b4/attachment.sig>

More information about the Gnupg-users mailing list