Message-ID: <473C7799.9060609@gmail.com>
Date: Thu, 15 Nov 2007 11:45:13 -0500
From: "Aryeh M. Friedman"
To: Peo Nilsson
Cc: FreeBSD quest-list
Subject: Re: gnupg keysize
References: <1195144649.48014.4.camel@zeus.se>
In-Reply-To: <1195144649.48014.4.camel@zeus.se>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peo Nilsson wrote:
> Dear listmembers.
>
> When browsing: http://www.gnupg.org/gph/en/manual.html#INTRO
>
> It says: "The size of a DSA key must be between 512 and 1024 bits".
> It also says: "The ElGamal key may be of any size".
>
> Who and why has defined this? In my opinion, the size of a key is a
> question for the user.

Different encryption schemes are "known" to be secure for certain key
sizes and have not been tested and/or known to be breakable for other
ones. This, combined with the fact that PGP and other encryption front
ends such as SSH and SSL need to meet certain standards for the US
government (and by extension most of the major corps around the world),
all of which require predefined key lengths, means that the user does
not and should not in most cases have complete freedom to select key
sizes. If you're concerned about security, the best thing to do is get
involved with various efforts to develop 2nd/3rd generation public-key
algorithms.

- --
Aryeh M. Friedman
Developer, not business, friendly
http://www.flosoft-systems.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPHeYJ9+1V27SttsRAouVAKCUlutI1KShPWOszBX2EhHLzBvsUQCcCD/y
verURUjM/6E8gq8/Jl66Ghk=
=SdsH
-----END PGP SIGNATURE-----