Re: [PATCH 0/5] [GIT PULL] tracing: A few last minute clean up and fixes

From: Konstantin Ryabitsev
Date: Thu Apr 12 2018 - 15:00:43 EST

Next message: Oleksandr Natalenko: "Re: usercopy whitelist woe in scsi_sense_cache"
Previous message: John Hubbard: "Re: [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved"
In reply to: Steven Rostedt: "Re: [PATCH 0/5] [GIT PULL] tracing: A few last minute clean up and fixes"
Next in thread: Steven Rostedt: "Re: [PATCH 0/5] [GIT PULL] tracing: A few last minute clean up and fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 04/12/18 14:28, Steven Rostedt wrote:
> That is 4096. I pushed it to the key servers about a half hour ago,
> hopefully, it has made its way around, as I'm going to start using it.

I semi-heartily recommend using an ECDSA key instead (ED25519), because
it will be much faster and we know they work fine for Linus since jejb
uses them to sign his tags. My understanding is that 4096-bit RSA keys
are pretty slow on Nitrokey Start devices.

If you want to stick to RSA instead of the new-fangled ECC (if you can
call a standard from 1980s new-fangled, that is), there is really no
benefit to having a signing subkey stronger than 2048 bits, especially
for the purposes of signing git objects -- which are only as strong as SHA1.

Regards,
--
Konstantin Ryabitsev
Director, IT Infrastructure Security
The Linux Foundation

Attachment: signature.asc
Description: OpenPGP digital signature

Next message: Oleksandr Natalenko: "Re: usercopy whitelist woe in scsi_sense_cache"
Previous message: John Hubbard: "Re: [PATCH] mmap.2: MAP_FIXED is okay if the address range has been reserved"
In reply to: Steven Rostedt: "Re: [PATCH 0/5] [GIT PULL] tracing: A few last minute clean up and fixes"
Next in thread: Steven Rostedt: "Re: [PATCH 0/5] [GIT PULL] tracing: A few last minute clean up and fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]