Chris Poole wrote:
> On Mon, Jan 23, 2012 at 4:52 PM, brian m. carlson
> <sand...@crustytoothpaste.net> wrote:
>
>> Because it's also used to sign other people's keys. Using a very large
>> key (for 256-bit equivalence, ~15kbits) makes verification so slow as to
>> be unusable. You have to not only verify signatures on other keys but
>> also the signatures on the subkeys.
>
> That was what I hadn't thought about. Thanks for bringing it to my attention.

Just to point out an important data point on the key size front. To a degree,
larger keys are better. However, 4096-bit RSA keys are never going to be a
standard.

http://lists.gnupg.org/pipermail/gnupg-users/2010-December/040103.html

Depending on the source, a consensus seems to be forming that beyond a 2048 or
3072 bit modulus for DSA2 or RSA, folks need to switch to ECC.

Larger and larger RSA keys aren't the solution, ECC is. The balance of power
has tipped away from RSA and toward ECC.

Feel free to ignore everything I've said. There's no reason you should trust
me. But by all means, keep asking questions. But everything I've read agrees
larger and larger RSA keys are not the path forward.

-John

--
John P. Clizbe                      Inet: John ( a ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-k...@gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
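
The key-size trade-off discussed in this thread, as an added example that is not part of the original messages: it estimates the symmetric-equivalent strength of an RSA modulus with the GNFS-based formula published in NIST's FIPS 140-2 Implementation Guidance, inverts it to find the modulus a target strength needs, and times the public-key operation behind signature verification. The function names are hypothetical, and the timing uses a constructed random odd number in place of a real RSA modulus.

```python
import math
import secrets
import time

LN2 = math.log(2)

def gnfs_strength_bits(modulus_bits: int) -> float:
    """Estimated symmetric-equivalent strength of an RSA modulus,
    from the cost of the general number field sieve."""
    x = modulus_bits * LN2
    return (1.923 * x ** (1 / 3) * math.log(x) ** (2 / 3) - 4.69) / LN2

def min_modulus_bits(target_bits: float) -> int:
    """Smallest modulus size whose estimate reaches target_bits.
    The estimate is increasing in the modulus size, so binary search works."""
    lo, hi = 512, 1 << 17
    while lo < hi:
        mid = (lo + hi) // 2
        if gnfs_strength_bits(mid) >= target_bits:
            hi = mid
        else:
            lo = mid + 1
    return lo

def verify_cost_seconds(modulus_bits: int, rounds: int = 50) -> float:
    """Average time of one public-key operation s^65537 mod n.
    Constructed input: n is a random odd number with its top bit set, not a
    real RSA modulus; the cost of modular exponentiation depends on the
    operand size, not on how n factors."""
    n = secrets.randbits(modulus_bits) | (1 << (modulus_bits - 1)) | 1
    s = secrets.randbelow(n)
    start = time.perf_counter()
    for _ in range(rounds):
        pow(s, 65537, n)
    return (time.perf_counter() - start) / rounds

if __name__ == "__main__":
    base = verify_cost_seconds(2048)
    for bits in (2048, 3072, 4096, 15360):
        ratio = verify_cost_seconds(bits) / base
        print(f"{bits:>6}-bit modulus: ~{gnfs_strength_bits(bits):5.1f}-bit "
              f"strength, verify cost x{ratio:.1f} vs 2048-bit")
    print("modulus for a 256-bit estimate:", min_modulus_bits(256), "bits")
```

The strength estimate grows far more slowly than the modulus, while the cost of each verification keeps climbing, and every signature on a key and its subkeys pays that cost.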