Why? Based on recent events, I would think DSA would be considered worse, not better than RSA. E.g. from http://wiki.debian.org/SSLkeys
"any DSA key must be considered compromised if it has been used on a machine with a 'bad' OpenSSL. Simply using a 'strong' DSA key (i.e., generated with a 'good' OpenSSL) to make a connection from such a machine may have compromised it. This is due to an 'attack' on DSA that allows the secret key to be found if the nonce used in the signature is known or reused." -- ssh-keygen should default to dsa not rsa https://bugs.launchpad.net/bugs/237391 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
