From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.2 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 Received: (qmail 19037 invoked from network); 26 Nov 2023 19:09:21 -0000 Received: from 9front.inri.net (168.235.81.73) by inbox.vuxu.org with ESMTPUTF8; 26 Nov 2023 19:09:21 -0000 Received: from wout1-smtp.messagingengine.com ([64.147.123.24]) by 9front; Sun Nov 26 14:08:01 -0500 2023 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 604363200A1D for <9front@9front.org>; Sun, 26 Nov 2023 14:07:58 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Sun, 26 Nov 2023 14:07:58 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bolddaemon.com; h=cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:sender:subject:subject:to:to; s=fm1; t= 1701025677; x=1701112077; bh=mjbeFbOXFK6onmhTIy3QLMw+QuU1VVb2wD+ 8aOYvMNs=; b=FfCtsf8faur2X8yme9UdYiKGeqv+TkXJNByKQLizgz6bA1nPjez 8WS0G4OHHvQj6IW9/abtJOF+cqbGZ+KqmJyIqwqwgyIXvKXZX5FCbAZpvlzpwLpg cQ2KRq+Z6Of7/pJEVmLBJpYBZQy8fFaKfAgpnYRtMmI4omRh0IEMxknVFqZ+znNb ShHaBbw7jXoCYcKg2R/NhtiTJjl0aeFrmSIGIK9YxqpCuc7K0J/Kl35E4jY0ZYAy nlpoT+AOTaa2xHEmJcIA/AEtsLopKgRryNxi9jVhJ7N806+oO7RcGssYVQfYg9Us w15b3OzWCp2nLTcEvireV44BiiwsdnIgMxA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1701025677; x= 1701112077; bh=mjbeFbOXFK6onmhTIy3QLMw+QuU1VVb2wD+8aOYvMNs=; b=3 h+Wi4oIznNAVwlOa+8YPJxAr1ib5z9uMmKekRPTNQEi1A71J7wTjrZvr4vmAowT1 iy9bJAfqcQ6jQsuY8GmzKRnb8zZiLJQ3fv0NB4WLVcPHfGk2xECq5Jgkqi4Bl8Cj qLKt2ISX7WwD75bRLlIp6gpq/e/PK4M63paGFBNhKbVDwNlfeCR8L/No4N/OPvSn vg5P/fxOhKe98vAX/1ZR+v0nyTY/QjDS0EfaSTaOpbmWUuJN3AyDZoZfCgOQEMq2 04FZAQJaKj8m2ErUegi5bAR5fvMTqJ641X22Fd0+awuOXKc9rS/6y7nzWySGUbwJ 00HDPR8X1AjDrP3M1GRbA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrudehledguddvgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepkfffgggfuffvfhfhjggtgfesth ejredttddvjeenucfhrhhomheptegrrhhonhcuuehivggsvghruceorggrrhhonhessgho lhguuggrvghmohhnrdgtohhmqeenucggtffrrghtthgvrhhnpeevvdefleethfettdejue ehfeefudejffekieefffegffevheeutdehueefffejudenucevlhhushhtvghrufhiiigv pedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegrrghrohhnsegsohhluggurggvmhhonh drtghomh X-ME-Proxy: Feedback-ID: i545840d3:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for <9front@9front.org>; Sun, 26 Nov 2023 14:07:56 -0500 (EST) Message-ID: Date: Sun, 26 Nov 2023 12:07:55 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: 9front@9front.org References: From: Aaron Bieber In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: compliant leveraged polling AJAX CMS firewall Subject: Re: [9front] auth/rsagen: bump bits to 4096 Reply-To: 9front@9front.org Precedence: bulk On 11/26/23 09:50, ori@eigenstate.org wrote: > Quoth Aaron Bieber : >> My reasoning is basically since we don't have alternative key types >> (ed25519, ecdsa) for >> general usage / ssh, bump the default to the highest available. > why not DJB's post-quantum RSA proposal? I believe > that the key size used there was 8796093022208 bits. > > Changing it isn't wrong, but there's no "highest > available" size for RSA. Why 4096 specifically? > Ya, bad wording on my side. 4096 is the "max" supported by other tools, gpg for example. So staying under that bar would allow for key-portability. I am not married to it though.