On Mon, 4 Dec 2006, Ralf G. R. Bergs wrote:
> > NIST recommends to use 1024 bits. BSI (the German one, not the
> > British) recommends 1280 bits. Both do not really differentiate
> > between ephemeral session keys and long-term keys. But bumping the
>
> But it makes quite a difference how you use them... :-)
>
> > value is easy and probably the right thing to do from a PR angle.
>
> I doubt that it's a good idea to just change something to look good from
> a PR point of view. :-)
>
> What I *do* consider important, tho, is that we get the Opera guys and
> Exim to agree upon what is safe and what is unsafe. What do you think
> about this?
I am not a cryptographer. If certain experts (NIST, BSI) recommend
larger numbers than the current 768 (which came with the contributed
code, I suppose), then I am happy to change the number without regard to
the PR aspects. Unless somebody tells me not to, I am about to change it
to 1024 for the next release. Or should I use 1280?
--
Philip Hazel University of Cambridge Computing Service
Get the Exim 4 book: http://www.uit.co.uk/exim-book
