long-term GPG signing key
Perry E. Metzger
perry at piermont.com
Wed Jan 11 09:04:07 EST 2006
Ian G <iang at systemics.com> writes:
> Travis H. wrote:
>> I'd like to make a long-term key for signing communication keys using
>> GPG and I'm wondering what the current recommendation is for such. I
>> remember a problem with Elgamal signing keys and I'm under the
>> impression that the 1024 bit strength provided by p in the DSA is not
>> sufficiently strong when compared to my encryption keys, which are
>> typically at least 4096-bit D/H, which I typically use for a year.
>
> 1. Signing keys face a different set of
> non-crypto threats than do encryption
> keys. In practice, the attack envelope
> is much smaller, less likely.
I call "bull".
You have no idea what his usage pattern is like, and you have no idea
what the consequences for him of a forged signature key might be. It
is therefore unreasonable -- indeed, unprofessional -- to make such
claims off the cuff.
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List