On 3/20/2010 11:22 PM, Doug Barton wrote: > > Yes, that's a consideration, however in 5 years we'll have had at least > 2 iterations of Moore's Law, and in my experience so far I do much more > signing than I do encryption. > > Thanks for the review. :) > > > Doug >
I stumbled on this wikipedia page a few weeks ago: http://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths I'm not sure how up-to-date the info is, but it basically says that even with Moore's law, 2048 bit keys should be good until 2030. I would think if you want to future-proof anything, it'd be the primary key. You can create a separate signing subkey with a more reasonable bit length. And then if you need to crank up the signing/encryption key bit-lengths in the future, you can create new subkeys and expire the old ones, and you'll keep all your signatures on the existing primary key.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
