I am not suggesting that world leaders should continue to use 1024 bit
RSA to store their nuclear installation locations or sign their
official pronouncements.

"So for current OpenPGP usage, 1024 bit RSA is for all practical
purposes secure."

That was you, two messages ago. Now you're saying 1024-bit RSA shouldn't be used for high-value secrets or signatures that need long-term confidence. Thank you for conceding the point.

1024-bit RSA doesn't offer long-term security, and that makes it inappropriate for a lot of situations. Stop using it now. Migrate to something better before it's too late.

I am merely pointing out that for 99.9999% of
GPG users dropping the old key format provided no benefit with respect
to key length.

It absolutely did, by reducing unnecessary features and the code necessary to support it. GnuPG's mission has been to deliver high-quality implementations of RFC4880 and the S/MIME RFCs. Every line of code that exists for RFC1991 support contributes nothing to GnuPG's mission while adding a new opportunity for exploitable bugs.

I personally want all RFC1991 support out. If I need it, I know where I can download GnuPG 1.4.

They could continue to use such keys indefinitely to
generate new messages with no real risk.

Assuming they didn't need long-term secrecy, sure. That's a big assumption to make. Better to say "RSA-1024 is no longer believed to offer acceptable long-term security, please stop using it."


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
