> I never attributed RSA-1024 to you: i'm merely pointing out that good > enough for "virtually all users" and "virtually all purposes" is the > wrong way to select choices that we want to cover the most vulnerable > targets.
Sorry for the double response -- I thought I'd included this in my previous mail, but I didn't. I am not in favor of covering more than 'virtually all users' and 'virtually all purposes.' The difference between 99% of GnuPG's users and 100% of GnuPG's users is, first of all, impossible to close, and second of all, requires ever-increasing expense just to approximate it. Phil Z. designed PGP to be Pretty Good Privacy. Not perfect... just pretty good. GnuPG is quite clearly built in the same vein. "Virtually all" is the right way to select defaults. The next step beyond "virtually all" is "all." We can't achieve that and it's foolish to try.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
