On Wed, 05 Apr 2006 18:22:35 +0200, Felix E Klee said: > * What are those problems that one may encounter with RSA?
You can't load a non-1024 bit RSA key to the card. RSA keys are optional in OpenPGP and thus some implementaions may not be abale to use your key. > * Why should the key on the card not be used for key signing? Either becuase people feel that 1024 bit RSA/SHA-1 is not strong enough or due to the diculties of creating a backup of that key. Without a backup and a borken card you won't be able to properly use your key anymore and all collected signatures are practically lost. > * Is there any advantage in using a DSA master key (not supported by the > OpenPGP card, I know) instead of an RSA master key? DSA signatures are much smaller. > * What's the best tool for generating the 1024 bit RSA key? Should I > simply use plain "gpg --gen-key --no-random-seed-file" or should the > key be generated on card, or does it not really matter? gpg --gen-key --no-random-seed-file is only useful if you don't have permission to write it. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
