On Tue, 24 Jun 2014 05:55, fr...@frase.id.au said: > rounds today. Quite a lot of good info, especially regarding key > strength and expiry, and digest preferences.
Just for the records: _I_ do not consider the use of a 4096 bit RSA key and a preference for SHA-512 a best practice. For a secure system it is important to make the system stronger and not parts of the system which will never be attacked in real life. Granted, there are user with a need for non default algorithms, but those users have the resources to develop a security policy which fits their use case. How does a help 4096 key help if I can send you an encrypted mail which will lock up your MUA until you kill it (unless your MUA has some kind of timeout mechanism). There are more important things to be made stronger than the key size. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
