On 5/23/12 4:12 PM, David Shaw wrote: > #1 explains why we default to 2048-bit keys, but not why RSA.
Fixed, thank you. > The answer you have for #4 is not exactly wrong, but it is not > complete. GnuPG doesn't support 4096-bit keys just because PGP (the > product) does. It also supports a range of key sizes because OpenPGP > (the standard) does. I don't want to seem argumentative (especially because I haven't looked at the RFC lately), but I was under the impression the RFC was mostly silent on the subject of algorithms and key sizes -- DSA being a MUST algorithm, but little guidance beyond that. Am I in error? (That said, the text has been fixed: thank you.) > For #10, it might be worth mentioning something about the use of > different hash lengths (q) for the different DSA sizes. The two sort > of go hand in hand. Or for that matter, perhaps a question #11 "How > come my signatures from my 2048-bit DSA key use a different hash than > those from my 1024-bit DSA key?" would be interesting. Added. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users