From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 26 Dec 94 12:14:24 PST
To: grmorgan@freenet.vcu.edu
Subject: Re: Moving from 1024-bit -> 2048-bit key.
In-Reply-To: <9412261907.AA10983@freenet.vcu.edu>
Message-ID: <199412261959.OAA17978@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


	Why revoke the old one?  If I want to send a message I don't
think needs 2048 RSA bits of security, why bother with it?  I have
little doubt the FBI would get your key from your computer at 1024
bits.  Thus, the effort needed to compromise a key does not change as
one moves from a 1024 to a 2048 bit key.

	Threat models are really helpful.  They become more helpful as
one acurately assesses ones enemies.  Ronald Kessler wrote a book
called The FBI.  Its fairly evenhanded examination of the post-Hoover
bureau.  He does gloss over DT & Waco; they occured as he was
finishing the book.  Reading it will give you good insight into the
way the FBI, and its agents, work.  (0-671-78657-1)


Adam


| >Once I've generated a 2048-bit key, how can I update my key on the 
| >keyservers?
| >
| 
| First you need to generate a key revocation for your old key
| and post that to the servers.  Then just email your new key to
| the server.

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume