On Thu, Sep 04, 2014 at 02:31:38PM +0200, Arnold wrote: > On 04-09-14 08:16, Christoph Egger wrote: > > Seems uploading my gpg key (d49ae731) to pool.sks-keyservers.net fails > > for several of the hosts in rotation: > > The question is: is the key too large, or should we accept keys of *every* > size? > > Accepting every key size does not scale well in the long term. It can also > lead to > a nasty DOS attack: upload many huge keys to eat all the public key server > resources. We currently have no means to remove keys or specific key data. > Actually, I think this isn't the problem you're making it out to be.
Ellyptic Curve Cryptography keys are much smaller and will be supported in GPG 2.1. Some implementations of 2.0 also seem to support these keys currently. The largest RSA key size I've seen implemented is 8192. This is in APG (the Android variant). I would suggest setting an upper bound of 16384. -- David Benfell <[email protected]> See https://parts-unknown.org/node/2 if you don't understand the attachment.
pgpoZIwOmNhzF.pgp
Description: PGP signature
_______________________________________________ Sks-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/sks-devel
