[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DOC: Revise CG 3.4 Commit Access (issue 4898058)

From: Reinhold Kainhofer
Subject: Re: DOC: Revise CG 3.4 Commit Access (issue 4898058)
Date: Sun, 21 Aug 2011 15:29:41 +0200
User-agent: KMail/1.13.6 (Linux/2.6.38-10-generic; KDE/4.7.0; i686; ; )

Am Friday, 19. August 2011, 05:11:30 schrieben Sie:
> On Fri, Aug 19, 2011 at 03:21:03AM +0200, Reinhold Kainhofer wrote:
> > Am Friday 19 August 2011, 02:29:22 schrieb address@hidden:
> > > On 2011/08/18 11:42:13, Reinhold wrote:
> > > > Why did you change all dsa to rsa?
> > 
> > It's not only savannah, it's basically everone who knows a little bit
> > about security...
> Wait, I'm confused again, so I looked it up.
> says "we recommend using only RSA keys, not DSA".
> Does that page give incorrect advice?

Ah, okay, it's because of the bad random number generator... AFAIK, it's true 
that with DSA implementation there are much more things that one can mess up 
and loose security. That's their argument. 
On the other hand, longer rsa keys have been broken than dsa. Theory vs. 

Anyway, since Debian apparently shipped a bad random number generator (causing 
DSA keys to be weak there), some projects like Debian disabled access for dsa 
keys altogether.

So, I retract my objections to rsa keys. Let's change the CG to recomment RSA 
keys, instead.


Reinhold Kainhofer, address@hidden,
 * Financial & Actuarial Math., Vienna Univ. of Technology, Austria
 *, DVR: 0005886
 * LilyPond, Music typesetting,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]