-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Just some quick thoughts on this:

> 2. root key & signing subkey of EITHER:
> 2.1. DSA, 1024 or 2048 bits
> 2.2. RSA, >=2048 bits

I don't really agree. From your own link
(https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#dont-use-pgp-mit-edu):

"Many people still have 1024-bit DSA keys. You really should consider
transitioning to a stronger bit-length and hashing algo. This size is known
now to be within Well Funded Organizations' ability to break. Also the
hashing algo is showing its age."

Some more opinions from different studies: keylength.com.

1024 DSA keys seem pretty short to me. Surely it might be inconvenient for
some (2-3? please write a mail here!) people with smart cards. But then
again, especially people going through the hell of using a physical token
would understand the need for decent crypto. ;)

I think key rotation is overdoing it and pretty annoying. Better use a
non-annoying, long key from the start?

> 4. If you intend to sign on a slow alternative-arch, you may find
> adding a DSA1024 subkey significantly speeds up the signing.

How slow is that actually? Does it make signing very inconvenient? Maybe
someone with a slow machine can write about performance and the
"annoyance-factor"... ;)

Best regards,
Craig

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlEkGjEACgkQuiczp+KMe7SkWACgrioKjFkuPwJOxUCmhGKcC4Ib
uyQAmwUfM7u3x6sD1rmQJrEjjUu7C6ok
=OyqH
-----END PGP SIGNATURE-----
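The message above argues over minimum key lengths (DSA 1024 vs. 2048, RSA >= 2048). A practical way to audit a keyring against such a policy is to parse the machine-readable output of `gpg --list-keys --with-colons` and flag every primary key or subkey that falls below the chosen threshold. The script below is an added example, not code from the thread or from GnuPG; the sample listing is constructed (key IDs, dates and names are placeholders), and the per-algorithm minimum sizes in MIN_BITS are an assumed policy that encodes the stricter view from the reply (2048 bits for DSA as well as RSA).

```python
"""Audit an OpenPGP keyring listing against a minimum key-length policy.

Added example, not part of the original mailing-list message. Parses the
colon-separated records produced by `gpg --list-keys --with-colons`:
field 1 = record type, field 3 = key length in bits, field 4 = public-key
algorithm ID (RFC 4880 section 9.1), field 5 = key ID, field 12 = capabilities.
"""
import subprocess

# Constructed sample of `gpg --with-colons` output; key IDs, timestamps and
# user IDs are placeholders, not real keys.
SAMPLE_LISTING = """\
tru::1:1700000000:0:3:1:5
pub:u:1024:17:0123456789ABCDEF:1200000000:::u:::scESC::::::23::0:
uid:u::::1200000000::PLACEHOLDERHASH::Alice Example <alice@example.invalid>::::::::::0:
sub:u:2048:16:FEDCBA9876543210:1200000000::::::e::::::23:
pub:u:4096:1:00000000DEADBEEF:1400000000:::u:::scESC::::::23::0:
uid:u::::1400000000::PLACEHOLDERHASH::Bob Example <bob@example.invalid>::::::::::0:
sub:u:4096:1:1111222233334444:1400000000::::::s::::::23:
"""

# Public-key algorithm IDs from RFC 4880 section 9.1 (plus the ECC IDs GnuPG uses).
ALGO_NAMES = {
    1: "RSA", 2: "RSA", 3: "RSA",
    16: "ELG", 17: "DSA",
    18: "ECDH", 19: "ECDSA", 22: "EdDSA",
}

# Assumed policy: minimum modulus/group size per algorithm family.
# ECC keys are not length-checked here; their curve choice is what matters.
MIN_BITS = {"RSA": 2048, "DSA": 2048, "ELG": 2048}


def parse_keys(listing):
    """Return a list of dicts for every 'pub' and 'sub' record in the listing."""
    keys = []
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] not in ("pub", "sub"):
            continue  # skip trust-db, uid, fingerprint and signature records
        algo_id = int(fields[3])
        keys.append({
            "type": fields[0],
            "bits": int(fields[2]),
            "algo": ALGO_NAMES.get(algo_id, "algo%d" % algo_id),
            "keyid": fields[4],
            "caps": fields[11] if len(fields) > 11 else "",
        })
    return keys


def weak_keys(keys, min_bits=MIN_BITS):
    """Return the keys whose size is below the policy minimum for their algorithm."""
    flagged = []
    for key in keys:
        threshold = min_bits.get(key["algo"])
        if threshold is not None and key["bits"] < threshold:
            flagged.append(key)
    return flagged


def audit_listing(listing, min_bits=MIN_BITS):
    """Return (total_key_count, list_of_weak_keys) for a colon-format listing."""
    keys = parse_keys(listing)
    return len(keys), weak_keys(keys, min_bits)


def local_listing():
    """Fetch the real keyring listing from the installed gpg (optional)."""
    result = subprocess.run(
        ["gpg", "--list-keys", "--with-colons"],
        capture_output=True, text=True, check=True,
    )
    return result.stdout


if __name__ == "__main__":
    total, weak = audit_listing(SAMPLE_LISTING)
    print("%d keys checked, %d below policy" % (total, len(weak)))
    for key in weak:
        print("  %s %s %d-bit %s caps=%s" % (
            key["type"], key["keyid"], key["bits"], key["algo"], key["caps"]))
```

On the constructed sample the audit reports four keys and flags only the 1024-bit DSA primary key; replacing `SAMPLE_LISTING` with `local_listing()` runs the same check against the keys actually on the machine.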