[Pkg-gnupg-maint] Bug#739424: gnupg dies with "gpg: out of secure memory [...]" since 1.4.16-1

Werner Koch wk at gnupg.org
Wed Oct 1 17:01:27 UTC 2014


On Wed,  1 Oct 2014 17:05, schmorp at schmorp.de said:

> Key size clearly matters, which is why people no longer use rsa-512 or
> DES, and which is why people move away from (standard 1024 bit) dsa.

I am talking about ridiculously large key sizes for the given systems
(Debian on standard CPUs).  We use defaults, which are generally
considered good (2048 bit RSA), and allow the use of up to 4096 bit RSA
and 3072 DSA (as per standard).  If you hack the system or use a bug to
create way larger keys you are on your own.

> The fix would be trivial without sacrificing any security.

It is sometimes better not to fix things.  In this case I do not want to
help the race to more and more stupid key properties.  If there is a
problem with an 8k RSA key I am willing to help, but somewhere we have
to stop.

>> I won't continue to discuss this here anymore.
>
> How well you maintain gnupg is your choice.

You noticed the "here"?  Again: Please continue this discussion on a
suitable mailing list - I suggest gnupg-users.

Feel free to forward all these mails to gnupg-users.  Drop me a note if
this needs moderation.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.