RSA or DSA ssh keypairs preferred?
Lapo Luchini
lapo@lapo.it
Sun Nov 24 17:17:00 GMT 2002
Max Bowsher wrote:
>Any preference RSA or DSA? I've never managed to find anything saying
>whether one is better than the other or not.
>
DSA are 'newer' and lack of a little bug in calculating the fingerprint
(in old RSA keys it is possible to forge a fingerprint just moving bits
from the exponent to the base, see in it.sci.crypt faq for more infos).
Though RSA keys created today doesn't have the same problem too, I think.
Another pro of DH/DSA key is the capacity to have separaetd subkeys,
which can expire indipendently.
From the security standpoint there is no reason to choose one or the
other AFAIK.
Today I would suggest DH/DSA.
--
Lapo 'Raist' Luchini
lapo@lapo.it (PGP & X.509 keys available)
http://www.lapo.it (ICQ UIN: 529796)
More information about the Cygwin-apps
mailing list