Sven Radde said:
> David Picón Álvarez wrote:
>> Well, I'm pretty sure if GnuPG had the limit you suggest (2048) it
>> would be legally unusable for some purposes, due to legal guidelines,
>> "best practices", and all that tosh.
> FWIW, German digital signature laws AFAIK mandate a key length of
> exactly 1024 bits even for the strongest class of signatures.

Actually the legal requirements changed this year. 1024 bit RSA and SHA-1 are not sufficient anymore. 2048 bit is recommended and at least 1280 bit is required (see http://www.bundesnetzagentur.de/media/archive/12198.pdf for details).

Still, I haven't seen any legal requirement beyond 2048 bit RSA/DSA yet. But the retirement of SHA-1 may become an issue for OpenPGP.

Regards,
Michel

--
Der tägliche Wahnsinn - http://www.virtualfreedom.de/dtw/
"Race" was the false belief of the 20th century, "security" is that of the 21st.