>>>>> "RHJ" == Robin H Johnson <robb...@gentoo.org> writes:
RHJ> 2. Root key type of RSA, 4096 bits rsa 4k provides no real benefits over rsa 3k here; it is just slower for everyone, signing or verifying. Cf, eg, http://www.nsa.gov/business/programs/elliptic_curve.shtml which recommends rsa 3k for use with aes128/sha256, rsa 7k for aes192/sha384 and rsa 15k for aes256/sha512. If 3k provides comparable security to aes128 and sha256, and one needs to more than double the rsa key length to compare with aes192 and sha384, there is no reason to bother with rsa 4k. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 1024D/ED7DAEA6
