Also --
Keep in mind that I am not criticizing that weblog entry. I am only
saying, "don't believe the hype." Much of what it says is accurate: it
is a good idea to migrate towards better digest algorithms. Just don't
believe anyone who tells you that DSA-1024 is insecure: it isn't.
That said,
David Alexander Russell wrote:
> Essentially what I read was that the default 1024-bit DSA key isn't
> strong enough, due to some flaw in SHA-1 which is the hash used for that
> size of DSA (that's as much detail as I absorbed I'm afraid)
Don't believe the hype.
I don't like DSA-1024, for a lot o
Robert J. Hansen wrote:
> DSA is not a Bad Thing. Whoever it was who told you this did you a
> disservice. If you'd like to tell us what you've heard about DSA, we
> would be happy to correct the misinformation you were given.
>
> My suggestion is to "gpg --gen-key". At each step of the way, if
David Alexander Russell wrote:
> However I don't know what the 'best practice' is with regards to
> keypairs and so on.
GnuPG best practices, in a single sentence: "Unless you know what
you're doing and why, stick with the defaults."
This one sentence is useful for about 95% of new users' questi
I've just bought a netbook with Ubuntu preinstalled, and since
integrating with GnuPG is much easier than it is on Windows I thought it
would be a good idea to start using it properly. However I don't know
what the 'best practice' is with regards to keypairs and so on. I've
read in a couple of plac
