[Tickets #12099] Re: create gpg keys for the 21th century

noreply at bugs.horde.org noreply at bugs.horde.org
Mon Mar 18 19:40:04 UTC 2013 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/12099
------------------------------------------------------------------------------
  Ticket             | 12099
  Updated By         | Michael Slusarz <slusarz at horde.org>
  Summary            | create gpg keys for the 21th century
  Queue              | Horde Base
  Version            | Git master
  Type               | Bug
  State              | Feedback
  Priority           | 2. Medium
  Milestone          |
  Patch              | 1
  Owners             | Michael Slusarz
------------------------------------------------------------------------------


Michael Slusarz <slusarz at horde.org> (2013-03-18 13:40) wrote:

> I partly agree but i guess you could dos just as well using 1024 bit keys....

Sure.  But as a *default*, it makes more sense.  At a minimum, random  
generation is O(n).  But on some machines it's probably something more  
(O(log n)?) since there can be no guarantee what the random generation  
is on any particular system.

> but indeed i first tried to make it configurable in this patch:
> https://github.com/immrr/horde/commit/63315234f112e138e48b36b06e5e30c59bb7a7c8
>
> but i reverted this patch, since it was suggested that 2048 could be  
> set as hardcoded default and the patch wrongly put the option in  
> prefs.php.

I guess this is just a disagreement with Jan about hardcoding the  
default into the template file.  Although I definitely agree with him  
that 1) a preference makes no sense (this is not the kind of thing to  
ever be changed by a user) and 2) there's probably zero reason to  
allow the user to choose the length - whatever the admin decides  
should be used.

> i can try to implement the feature again via conf.php, would you  
> consider to merge this? because e.g. in our setup we could easily  
> enable longer keys, since we have an entropy key.

Yes.  I think a conf.php setting would be appropriate.  Probably with  
1024, 2048, and 4096 as options (although, as mentioned above, 1024  
still needs to be the default out-of-the box).

More information about the bugs mailing list