| 1 |
>>>>> On Mon, 11 Nov 2013, Robin H Johnson wrote: |
| 2 |
|
| 3 |
> GLEP: xx |
| 4 |
> Title: Gentoo GPG key policies |
| 5 |
|
| 6 |
Looks all good to me, except for one point: |
| 7 |
|
| 8 |
> Recommendations: |
| 9 |
> ---------------- |
| 10 |
|
| 11 |
> 3. Dedicated signing subkey of EITHER: |
| 12 |
|
| 13 |
> 3.1. DSA 2048 bits exactly. |
| 14 |
|
| 15 |
> 3.2. RSA 4096 bits exactly. |
| 16 |
|
| 17 |
Isn't it overkill to use 4096 bits for the signing subkey? I'd expect |
| 18 |
that the level of protection of the keys themselves in a typical |
| 19 |
developer's environment is far from being a match for this. (Do all |
| 20 |
devs use a machine for signing that is isolated from the internet? |
| 21 |
Or use a smartcard, at least?) |
| 22 |
|
| 23 |
Also 4096 bits are generally not supported by smartcards. For example, |
| 24 |
the OpenPGP card (see http://www.g10code.de/p-card.html) in its newest |
| 25 |
version supports RSA up to 3072 bits only. |
| 26 |
|
| 27 |
The following XKCD comic summarises the issue quite well. :-) |
| 28 |
http://xkcd.com/538/ |
| 29 |
|
| 30 |
Ulrich |
Archives