Hi Aristid, > Just how weak are they, and why?
1024 bit DSA keys are considered "weak" in the sense that someone might be able to crack those if he or she is super motivated to do so and has a couple of million dollars to spend. In other words, if you intend to blow the whistle on some secret NSA spy program any time soon, then you probably shouldn't use those keys to protect your communication. 1024 bit DSA is perfectly secure, however, to protect against attackers other than crazy billionaires, organized crime, and government agencies. Mounting a meaningful attack against a 1024 bit DSA key is just too expensive to be feasible on a large scale. Nonetheless, there is no reason to stick to 1024 bit DSA keys -- more secure public key encryption schemes are readily available --, and if you have the chance to upgrade your installation, then it's probably a good idea to do it. Take care, Peter _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
