-
Hello @twiss, Good afternoon OpenPGP.js team! I am curious about how OpenPGP.js considers weak key types. I am a new learner here, so I apologize if this question is nonsensical or inappropriate. I know that the team decided to reject ElGamal and DSA key types based on the following links here: openpgpjs/src/config/config.js Line 247 in 026b348 Line 397 in 026b348 But I'd like to know when it will be considered a weak key. For example, would it still be correct to consider an ElGamal key weak if it is composed of 4096 bits? Answers mean a lot to me. thank you in advance! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
ElGamal and DSA have been deprecated by the crypto-refresh on security grounds (see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#section-12.5 and https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#section-12.6), so it's not based on the key size for them 🙂 |
Beta Was this translation helpful? Give feedback.
ElGamal and DSA have been deprecated by the crypto-refresh on security grounds (see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#section-12.5 and https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#section-12.6), so it's not based on the key size for them 🙂