> Just for the records: _I_ do not consider the use of a 4096 bit RSA key > and a preference for SHA-512 a best practice.
I'll go one step further: I think the article is going to do more harm than good. When young people ask me where to begin programming, I tell them to just begin. Don't worry about whether Javascript is better than Python or C or anything else: just find something they think is neat and start. The most important thing for them is to begin, and the second-most important thing is for them to finish what they begin. Only later, once they're well and truly on their way, should they start worrying about technical details. The same applies here. The most important thing in using GnuPG is that people begin using it; the second-most important thing is that they keep on using it. Guides such as these may ultimately do more harm than good, in that they tend to lead new users into thinking they *have* to do all these things, daunting and maybe even scary things (and let's be clear: there's a lot of opaque terminology and technical jargon there!), in order to effectively use GnuPG. Which just isn't true. The best practice for GnuPG: --gen-key and find a plugin for your email client. Everything after that needs to be relegated to an advanced class. There's nothing wrong with advanced material: advanced material is great. But let's not go about scaring newcomers by making them think they need to do and understand all of that. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
