On Tue, 22 Mar 2011 19:08:56 +0000, Jerome Baum <jer...@jeromebaum.com> wrote:
> But the OP was talking about RSA-2048 (with any
> hash), and there is a reason not to use that.

There may be particular users who have reasons not to use RSA-2K, but as far as general advice goes, I don't see any reason to go beyond RSA-2K. If someone breaks RSA-2K it will be via a breakthrough of such Gaussian proportions[*] that our proper response will be to migrate to different schemes altogether, not to tack on another few bits and consider ourselves safe.

If you're concerned for 30+-year security and you have to use RSA and you can't use anything else, then yes, use the largest RSA key you can find. The rest of us are better suited by realizing "if RSA-2K ever falls we should move for the exits, regardless of how large our keys are."

[*] Yes, it's a _Sneakers_ ref. Seemed appropriate, given the talk of breaking RSA...

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users