You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Will GnuPG ever support RSA-3072 or RSA-4096 by default?
Probably not. The future is elliptical-curve cryptography, which will bring a level of safety comparable to RSA-16384. Every minute we spend arguing about whether we should change the defaults to RSA-3072 or more is one minute the shift to ECC is delayed. Frankly, we think ECC is a really good idea and we’d like to see it deployed as soon as humanly possible.
Running gpg --full-generate-key on macOS:
$ gpg --full-generate-keygpg (GnuPG) 2.3.1; Copyright (C) 2021 Free Software Foundation, Inc.This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.Please select what kind of key you want: (1) RSA and RSA (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) (9) ECC (sign and encrypt) *default* (10) ECC (sign only) (14) Existing key from cardYour selection?
Should guide be updated to use ECC rather than RSA?
The text was updated successfully, but these errors were encountered:
This is likely an opinionated question…
Asking because I would love to get community’s feedback on using ECC vs RSA in the context of provisioning YubiKeys.
YubiKey has released firmware 5.2.3 in August of 2019 which added support for Elliptic Curves.
From GnuPG FAQ:
Running
gpg --full-generate-key
on macOS:Should guide be updated to use ECC rather than RSA?
The text was updated successfully, but these errors were encountered: