<div dir="ltr">Hello,
<div><br></div><div>In the GPG section, we recommend DSA. To my mind, it's also what I would recommend but...</div><div>I did a Google search to be able to justify it ;-). And I ended up on this:</div><div><a href="http://www.linuxquestions.org/questions/linux-security-4/gpg-rsa-or-dsa-with-el-gamal-for-new-keys-565242/">http://www.linuxquestions.org/questions/linux-security-4/gpg-rsa-or-dsa-with-el-gamal-for-new-keys-565242/</a><br>
</div><div><br></div><div>In one of the answers, someone gives a pretty good answer in my opinion. </div><div><br></div><div>The most interesting part is probably this:</div><div><br></div><div>"""</div><div><span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">Pros:</span><br style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">
<span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">RSA - Common, studied, widely believed to be secure.</span><br style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">
<span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">DSA - Widely compatible with GPG of just about any version. Shorter, more convenient signatures.</span><br style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">
<br style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)"><span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">Cons:</span><br style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">
<span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">RSA - Believed to be less secure than a DSA key of the same length. Ridiculously long signatures. Not as compatible, GPG wise.</span><br style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">
<span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">DSA - Small keysize might leave it quickly vulnerable to a break. Underlying hash, while still trusted, is not suggested for use in new cryptographic applications.</span><br>
</div><div><span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)">"""</span></div><div><span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(207,217,255)"><br>
</span></div><div><div>I would then conclude with the usual answer: "Well, it depends" ;). Can we really recommend DSA instead of RSA? The biggest advantage of DSA seems to be its compatibility with GPG, which is clearly important but not a valid crypto choice...</div>
</div><div><br></div><div>So, for me, we have basically 2 options:</div><div>- remove any recommendation (and leave the default choice: DSA/DSA ;))</div><div>- explain that DSA is preferred for its compatibility but that, from a crypto point of view, it's difficult to recommend one over the other.</div>
<div><br></div><div>Does this sound correct? (Crypto expert, please help! :-D)</div><div><br></div><div>Kr,</div><div><br></div><div>David</div></div>