On 5/11/20 9:23 am, Jonas Witschel wrote:
On 2020-11-04 21:53, Geert Hendrickx via pacman-dev wrote:
Larger RSA keys are not the way forward, switch to ed25519 instead. This will also become the default in the next version of GnuPG. [...] -Key-Type: RSA -Key-Length: 4096 +Key-Type: EDDSA +Key-Curve: ed25519
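Review bot: the commit text justifies the switch with "will also become the default in the next version of GnuPG" but gives no GnuPG release or announcement to back that; the message should cite it so reviewers can check the claim. The parameter change itself is the expected GnuPG batch-mode pairing: `-Key-Length: 4096` is dropped and `+Key-Curve: ed25519` is added next to `+Key-Type: EDDSA`, since EdDSA keys are selected by curve rather than by bit length. Since these are key-generation parameters, only newly generated keys are affected and keyrings already initialized with RSA 4096 are left as they are; it would help to state that explicitly in the commit message.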
I will note that the strength of Ed25519 is estimated to be roughly comparable to RSA 3027 [1], so the currently chosen RSA 4096 is actually a slightly stronger algorithm. I am not saying that this is an argument against using Ed25519, which I believe offers ample security for the foreseeable future, but to be honest, I do not see a pressing need to switch either:
One main benefit of elliptic curves is the much smaller key size, but that is not important for a locally-generated signing key that by design will never be shared with anyone else.
On the other hand, Ed25519 is still not formally included in the OpenPGP specification [2]. (Again, this is not necessarily an argument against its internal use in pacman, since it only needs to be processable by GnuPG.)
However, given the above facts, personally I would feel more comfortable holding back this change for now, at least until GnuPG has actually made the switch to Ed25519 as its default algorithm.
These are strong arguments to keep the current default. Particularly given there is nothing wrong with the current default at the moment, and you can initialize your pacman keyring "by hand" if you really are concerned.

Allan