RSA for both or separate RSA subkeys for signing and for encryption.
SHA-512 is safer than SHA-256, though it's slower and has hashes twice
as big (not an issue for signatures: RSA already needs big signatures).

DSA is less popular, more complex and usually needs randomness for
signing.  If multiple signatures are made with bad randomness, an attack
can recover the private key from them: it's bad and not possible with RSA.

DSA is usually used with 1024-bit keys; these are weak.  RSA with 4096-bit
keys or larger might be safe enough for the near future.

("RSA" here refers to the algorithm, not the insecure company.)

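Added example, not part of the original message: a toy DSA showing why the randomness point above matters. Two signatures made with the same nonce share the same r, which is the thing to look for when auditing signatures, and the private key then follows from simple algebra, while a per-message nonce derived from the key and digest avoids the repeat. The group parameters, key, messages and all function names are constructed for this sketch, and det_nonce is a simplified stand-in for RFC 6979, not an implementation of it.

```python
import hashlib, hmac
from math import isqrt

# Toy DSA group (constructed for this demo, far too small for real use).
Q = 2**31 - 1                                   # subgroup order, a Mersenne prime

def is_prime(n):
    return n % 2 == 1 and all(n % d for d in range(3, isqrt(n) + 1, 2))

P = next(k * Q + 1 for k in range(2, 10**4, 2) if is_prime(k * Q + 1))
G = pow(2, (P - 1) // Q, P)                     # element of order Q
assert G != 1

def H(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def sign(x, msg, k):
    """DSA signature of msg under private key x with caller-supplied nonce k."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (H(msg) + x * r) % Q
    return r, s

def verify(y, msg, sig):
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    return pow(G, H(msg) * w % Q, P) * pow(y, r * w % Q, P) % P % Q == r

def recover_key(m1, sig1, m2, sig2):
    """Solve for x from two signatures that share a nonce (same r)."""
    (r1, s1), (r2, s2) = sig1, sig2
    if r1 != r2 or s1 == s2:
        raise ValueError("signatures do not share a nonce")
    k = (H(m1) - H(m2)) * pow((s1 - s2) % Q, -1, Q) % Q
    return (s1 * k - H(m1)) * pow(r1, -1, Q) % Q

def det_nonce(x, msg):
    """Per-message nonce from HMAC(key, digest); simplified, not full RFC 6979."""
    mac = hmac.new(x.to_bytes(8, "big"), hashlib.sha256(msg).digest(), "sha256")
    return int.from_bytes(mac.digest(), "big") % (Q - 1) + 1

def demo():
    x = 123456789                               # constructed private key
    y = pow(G, x, P)
    a, b = b"message one", b"message two"       # constructed messages
    bad = sign(x, a, 424242), sign(x, b, 424242)          # repeated nonce
    good = sign(x, a, det_nonce(x, a)), sign(x, b, det_nonce(x, b))
    return y, (a, b), bad, good, recover_key(a, bad[0], b, bad[1]) == x
```
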