-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Werewolf escribió: > > Another Pondering as every year need bigger bit sized keys to be secure > Benefits and Cons
IMHO, I would just use 2048 bits keys and focus in keeping the keys safe... and using good algorithms. But consider I am not an expert, and I am not even an experienced user... I found a document today, maybe it is worth taking a look at it: http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf > Wondering if adding a bigger encryption/signing sub keys to current key > on keyserver leaves the benefit keeping the same finger print? So don't > have inform all your corresondences to get a new key from you? They > just have --refresh their public keyrings Yes, you can keep the primary key and change the subkeys... you can even remove the primary key (and store it SAFE) and work with the subkeys... there is a tutorial about that, and was posted in this list a while ago... Look at "Secure Key Generation" in the site http://tjl73.altervista.org/index_en.html > Just setting old key to expire and Generate a new set, collect > signatures again, change info on web pages and/or bussiness cards? I have not collected a single strong signature in 5 months, so if I ever get one, I won't be happy if I have to revoke my key (lol). Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJI99IxAAoJEMV4f6PvczxAbEAIAItqD7BMjL5zGcqSpID3EBb/ g+rMhPzOXGxdiHdKpWy8gVgGXvLRIlAR3CgxS8i/qx7ys/LJHUteupKwyrw295ge wdjtw0LSIVSlRw4u1I2WFo+cohsLsMO9ZZ0qjNlsNKpfMOWT3VovSJp/kIi9cUVX zvv4v3vEMOLmV1Vv1iMD3ffpAI3Ajmv8+nNgYFL/2KFUa4YXJ5xhO/j7cCudNhl6 jL4JwSCs+erefrMzeUrkT8c8dPZa8DP8AODMhMoAxjdRNNdY2w7ZybJca1IPtYtX O0eV4un9S7D7/a+WvfiseKkj6VkSIeAA6jXBRVL8f+tJst5mevbTryDD9H1qBwM= =zkuN -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
