[Cryptography] RSA equivalent key length/strength

[Peter Gutmann]

Stephen Farrell <stephen.farrell at cs.tcd.ie> writes:

>That's a mischaracterisation I think. Some folks (incl. me) have said that
>1024 DHE is arguably better that no PFS and if current deployments mean we
>can't ubiquitously do better, then we should recommend that as an option,
>while at the same time recognising that 1024 is relatively short.

+1.

Peter.