> It is time for Werner, Robert, and the others to speak up. I don't know why I need to speak up. I haven't done any serious crypto work in almost a decade now. I am not an authority on these matters. At best, I can give a semi-informed perspective on things -- but that's about it.
> http://www.schneier.com/blog/archives/2009/07/another_new_aes.html > [Note that Serpent is referenced as a backup plan. If you look > at Bruce's 1:22 PM comment he recommends AES-128 (AES) over > AES-256 due to the poor key-schedule for AES-256. You're misquoting him. "For new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the forseeable future. But if you're already using AES-256, there's no reason to change." So, my response to this is a shrug. If you're already using AES-256, go on and keep using it: there's no reason to change.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
