| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Apr 2018 15:00:28 -0400
From: Konstantin Ryabitsev <konstantin@...uxfoundation.org>
To: Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Ingo Molnar <mingo@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Konstantin Ryabitsev <mricon@...nel.org>
Subject: Re: [PATCH 0/5] [GIT PULL] tracing: A few last minute clean up and
fixes
On 04/12/18 14:28, Steven Rostedt wrote:
> That is 4096. I pushed it to the key servers about a half hour ago,
> hopefully, it has made its way around, as I'm going to start using it.
I semi-heartily recommend using an ECDSA key instead (ED25519), because
it will be much faster and we know they work fine for Linus since jejb
uses them to sign his tags. My understanding is that 4096-bit RSA keys
are pretty slow on Nitrokey Start devices.
If you want to stick to RSA instead of the new-fangled ECC (if you can
call a standard from 1980s new-fangled, that is), there is really no
benefit to having a signing subkey stronger than 2048 bits, especially
for the purposes of signing git objects -- which are only as strong as SHA1.
Regards,
--
Konstantin Ryabitsev
Director, IT Infrastructure Security
The Linux Foundation
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)
Powered by blists - more mailing lists