On 06/09/2011 11:23 PM, Ewen McNeill wrote:
However the KSK bit size is on the sticker on the outside, and easily measurable, so is likely to be a point of
Having waded through this thread, I am going to offer an opinion - an opinion that, thus far has served me well. If you are going to go through the hassle of deploying encryption; whether it be for security, or trust - then you might as well go through the effort of ensuring that use the highest available key sizing available. I know there are a lot of technical and performance issues to consider, but as I said this little mantra makes sense based purely on increasing computational power gains. Why settle for something that may be compromised in 5 years when you can get 10 years to begin with. -JoelW