On Mon, Jan 04, 2010 at 08:36:32PM +0000, brian m. carlson wrote:
> On Mon, Jan 04, 2010 at 08:59:16PM +0100, Vincent Danjean wrote:
>> My main gpg public key seems to be a 1024 DSA key (1024D/9D025E87).
>> I would like to have a more robust main key. I've created to 4096 RSA
>> subkey to sign and encrypt.
>> The immediate "solution" is to create a separate new (main) key,
>> sign it and make it signed by other DD and then ask for it to be
>> added in Debian keyring. But perhaps gpg guru¹ would have better
>> suggestions?
> (...) For maximum long-term security, I recommend a 3072-bit DSA key
> (preferably with SHA-512) or a 4096-bit RSA key.

I seriously recommend an RSA key over a DSA key; DSA has this horrible
property that you leak bits of your private key with every signature
done on a computer with a cryptographically weak random number source!

-- 
Lionel
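
The DSA property raised in the reply above, as an added example that is not part of the original thread: it takes the extreme case of a weak random source (the same nonce k used twice) and shows the audit check that spots it, what it gives away, and a nonce derived without an RNG. The group parameters, key, digests and all function names are constructed for illustration; the nonce derivation is a simplified stand-in for the RFC 6979 idea, not that RFC's procedure.

```python
# Toy DSA over constructed parameters, to show why nonce quality matters.
import hashlib
import hmac

P, Q, G = 607, 101, 64   # constructed toy group: Q divides P-1, G has order Q
X = 57                   # constructed private key
Y = pow(G, X, P)         # matching public key

def sign(h, k):
    """DSA signature on digest h (already reduced mod Q) using nonce k."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (h + X * r) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, pick another nonce")
    return r, s

def verify(h, r, s):
    """Standard DSA verification against the public key Y."""
    w = pow(s, -1, Q)
    v = pow(G, h * w % Q, P) * pow(Y, r * w % Q, P) % P % Q
    return v == r

def reused_nonce_pairs(sigs):
    """Audit check: the same r on two different digests means k repeated."""
    seen, hits = {}, []
    for i, (h, r, _s) in enumerate(sigs):
        if r in seen and sigs[seen[r]][0] != h:
            hits.append((seen[r], i))
        seen.setdefault(r, i)
    return hits

def key_from_reuse(sig_a, sig_b):
    """What a repeated nonce exposes: two linear equations in (k, x)."""
    (h1, r, s1), (h2, _r, s2) = sig_a, sig_b
    k = (h1 - h2) * pow(s1 - s2, -1, Q) % Q
    return (s1 * k - h1) * pow(r, -1, Q) % Q

def derived_nonce(h):
    """Mitigation sketch: nonce = HMAC(private key, digest), no RNG involved."""
    mac = hmac.new(X.to_bytes(2, "big"), h.to_bytes(2, "big"), hashlib.sha256)
    return int.from_bytes(mac.digest(), "big") % (Q - 1) + 1

# Constructed digests 12 and 29, both signed with the same nonce k = 33.
SIG_A = (12, *sign(12, 33))
SIG_B = (29, *sign(29, 33))
```

Both signatures verify normally, which is why the problem goes unnoticed unless the r values are compared across signatures.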