On Tue, 14 Sep 2010, brian m. carlson wrote: > Personally, I can't see a reason that using an RSA 4096 bit key should > be that painful even on very slow machines. You're performing a *single > RSA encrypt operation* per signature.
Well, the main key is mostly a key-signing key/KSK (although you CAN use it to directly sign/encript data files), and you use subkeys (which can be smaller both in size and validity period) to do the grunt work if you don't want to deal with large signatures or more intensive CPU usage all the time. So, you could have a main 4096R key valid for 10 years, and attach to it a 2048R subkey valid for one or two years to make things faster, and generate a new subkey when its about to expire. Subkeys are NOT tied to UIDs (and, therefore, the web of trust), those are matters for the main key (KSK). subkeys are only signed by the main key (KSK). There is a thread about this now in the cryptography ML. If anything really insteresting shows up there, I will relay it here. I am certainly interested on our bias towards RSA and away from DSA2 and El-Gammal, for example... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100914185529.ga22...@khazad-dum.debian.net
