On 10/8/25 05:27, Jacob Bachmeyer via Gnupg-users 'gnupg-users at gnupg.org' wrote:
This sounds like it is only applicable to mobile devices.
Since the proposal and discussions around it explicitly mention both messaging and email, I would assume the regulation, when (if?) enacted will apply to both mobile devices and Internet-connected computers.
...offline, air-gapped box....
Even at the moment, this is the prudent MO for those that must assume that their communication device (mobile or laptop/desktop) operating system provider is cooperating with their adversary. It may well be that it is only practical to use 1.4x on an air-gapped device. If 4096bit RSA is considered sufficiently resistant to cryptanalysis (i.e., ignoring signing!), can such keys generated by 1.4x be considered just as secure as are the equivalent keys generated by 2.xx? R.B. _______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
