On Monday, 11 November 2013, 11:22:29, Ulrich Mueller wrote:
>
> Looks all good to me, except for one point:
> > Recommendations:
> > ----------------
> >
> > 3. Dedicated signing subkey of EITHER:
> >
> > 3.1. DSA 2048 bits exactly.
> >
> > 3.2. RSA 4096 bits exactly.
>
> Isn't it overkill to use 4096 bits for the signing subkey? I'd expect
> that the level of protection of the keys themselves in a typical
> developer's environment is far from being a match for this. (Do all
> devs use a machine for signing that is isolated from the internet?
> Or use a smartcard, at least?)
>
> Also 4096 bits are generally not supported by smartcards. For example,
> the OpenPGP card (see http://www.g10code.de/p-card.html) in its newest
> version supports RSA up to 3072 bits only.

These smartcards as currently delivered are perfectly fine with 4096 bit (even
though 3072 is printed on the card!). That just isn't advertised since at the
time of design gnupg (the software) had a hard limit at 3072. The limit is
lifted since 2.0.20.

However, another question is whether to require a signing *subkey*. The cards
have (as far as I understand it) only one sign/cert key store, meaning they
can either hold the main key or the signing subkey, but never both.


http://dilfridge.blogspot.de/2013/05/openpgp-smartcards-and-gentoo-part-2.html

-- 
Andreas K. Huettel
Gentoo Linux developer
kde, council
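
An added example, not part of the mail above or of any Gentoo tooling: a small audit of `gpg --list-keys --with-colons` output against the quoted recommendation 3 (a dedicated signing subkey of exactly DSA 2048 or RSA 4096). The function names and the sample listing are constructed for illustration, and reading "dedicated" as "capability field is exactly `s`" is an assumption.

```python
# Audit signing subkeys in `gpg --with-colons` output against the quoted
# recommendation: DSA 2048 bits exactly, or RSA 4096 bits exactly.
ALLOWED = {("DSA", 2048), ("RSA", 4096)}   # items 3.1 and 3.2 from the mail
ALGO_NAMES = {"1": "RSA", "17": "DSA"}     # OpenPGP public-key algorithm IDs

# Constructed sample listing (key IDs and dates are made up, not real keys).
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1384000000:::u:::cSC:
uid:u::::1384000000::0000::Constructed Dev <dev@example.org>:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1384000000::::::s:
sub:u:2048:1:CCCCCCCCCCCCCCCC:1384000000::::::e:
sub:u:3072:1:DDDDDDDDDDDDDDDD:1384000000::::::s:
sub:r:1024:17:EEEEEEEEEEEEEEEE:1384000000::::::s:
"""

def signing_subkeys(listing):
    """Return [(keyid, algo, bits, compliant)] for each usable signing subkey."""
    results = []
    for line in listing.splitlines():
        f = line.split(":")
        # Field 1 = record type, 2 = validity, 3 = length, 4 = algorithm,
        # 5 = key ID, 12 = capabilities (lowercase letters on subkeys).
        if len(f) < 12 or f[0] != "sub":
            continue
        if f[1] in ("r", "e"):          # skip revoked or expired subkeys
            continue
        caps = f[11]
        if "s" not in caps:             # not a signing subkey
            continue
        algo = ALGO_NAMES.get(f[3], "other(%s)" % f[3])
        bits = int(f[2])
        # Assumption: "dedicated" means signing is the only capability.
        compliant = caps == "s" and (algo, bits) in ALLOWED
        results.append((f[4], algo, bits, compliant))
    return results

def meets_recommendation(listing):
    """True if at least one usable signing subkey matches item 3.1 or 3.2."""
    return any(ok for _keyid, _algo, _bits, ok in signing_subkeys(listing))

if __name__ == "__main__":
    for keyid, algo, bits, ok in signing_subkeys(SAMPLE):
        print(keyid, algo, bits, "OK" if ok else "does not match 3.1/3.2")
```

The 3072-bit RSA subkey in the sample is flagged because the quoted wording says "exactly"; whether that strictness is wanted is what the thread is debating.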