Johan Wevers <joh...@vulcan.xs4all.nl> wrote: >On 25-10-2013 1:46, Robert J. Hansen wrote: > >> Mostly zealotry. According to NIST, RSA-2048 is expected to be >secure >> for about the next 25 years. > >The authority of NIST is of course severely reduced since the Snowden >revelations and their own suspicious behaviour with the Dual EC PRNG. > >Further, if they expect it to be secure for only 25 years, that is >sufficient for people to upgrade if they expect to remain alive over 25 >years (although in this case it might not apply since the key is only >used for signatures and adding backdoors in a 25 year old OS will not >be >very usefull).
Well, this assumes that you need 25 years of security. If your messages *must* remain uncrackable for that length of time, you may want to take many more measures to ensure the secrecy of what is being communicated, e.g. physical security, intranet mediated messages versus Internet mediated messages, etc. Cheers, --Paul -- PGP: 3DB6D884 _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
