On Sun, 22 Oct 2006, Girish Venkatachalam wrote: > You mean to say that newer versions of OpenSSL do not allow you to > create DSA keys longer than 1024 bits, but then isn't there an export > and a non export version?
No, longer DSA keys do not offer extra cryptographic strength unless you make other modifications to the algorithm. > I am assuming that all this FIPS/export etc. are some political crap >that gets in the way of people wanting to use strong crypto. Politics have nothing to do with it. > Now, the problem with RSA is that it used to be patent encumbered > (well) and even now I prefer DSA over RSA for whatever reason. Patents have nothing to do with it. > Now what? Use RSA if you want longer keys if you like. > Looks to me there are some holes in your analysis. No. -d
