On Wed, Sep 28, 2005 at 10:29:40AM -0400, Jason Barrett wrote: > Yes, but it's almost impossible to answer this because it's not clear > what you're doing. Are you storing the keys or the results? 1024 bit > keys with what algorithm? The only key type that is locked to 1024 > bits is DSA and that's a signing algorithm, so encryption never comes > into the equation. > > The key that's used for encryption, according to the Handbook, is the > El-Gamal sub-key that gets created, along with the DSA signing key, when > you invoke 'gpg --gen-key'. The concern is over database storage of the > results, not the keys. I could store them outside the database, but I'd > rather not as that adds a level of indirection, additional complexity, and > another point of failure to the design. The algorithm is whatever is used > by 'gpg --encrypt'.
Well, it's a tiny difference in practice, but you can generate small Elgamal keys by using the --expert flag along with --gen-key. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
