This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: RSA or DSA ssh keypairs preferred?


Max Bowsher wrote:

Any preference RSA or DSA? I've never managed to find anything saying
whether one is better than the other or not.

DSA are 'newer' and lack of a little bug in calculating the fingerprint (in old RSA keys it is possible to forge a fingerprint just moving bits from the exponent to the base, see in it.sci.crypt faq for more infos). Though RSA keys created today doesn't have the same problem too, I think.
Another pro of DH/DSA key is the capacity to have separaetd subkeys, which can expire indipendently.
From the security standpoint there is no reason to choose one or the other AFAIK.
Today I would suggest DH/DSA.

--
Lapo 'Raist' Luchini
lapo@lapo.it (PGP & X.509 keys available)
http://www.lapo.it (ICQ UIN: 529796)




Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]