Gentoo Archives: gentoo-dev

From: James Cloos <cloos@×××××××.com>
To: "Robin H. Johnson" <robbat2@g.o>
Cc: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] RFC: Gentoo GPG key policies
Date: Wed, 20 Feb 2013 18:44:04
In Reply to: [gentoo-dev] RFC: Gentoo GPG key policies by "Robin H. Johnson"
1 >>>>> "RHJ" == Robin H Johnson <robbat2@g.o> writes:
3 RHJ> 2. Root key type of RSA, 4096 bits
5 rsa 4k provides no real benefits over rsa 3k here; it is just slower
6 for everyone, signing or verifying.
8 Cf, eg, which
9 recommends rsa 3k for use with aes128/sha256, rsa 7k for aes192/sha384
10 and rsa 15k for aes256/sha512.
12 If 3k provides comparable security to aes128 and sha256, and one needs
13 to more than double the rsa key length to compare with aes192 and sha384,
14 there is no reason to bother with rsa 4k.
16 -JimC
17 --
18 James Cloos <cloos@×××××××.com> OpenPGP: 1024D/ED7DAEA6


Subject Author
Re: [gentoo-dev] RFC: Gentoo GPG key policies "Robin H. Johnson" <robbat2@g.o>