Mailing List Archive: Precompiled Windows-Binaries with Large-Secmem-Support

Precompiled Windows-Binaries with Large-Secmem-Support

Jan 2, 2021, 3:13 AM

Post #1 of 4 (308 views)

Hello!
I know there are and have been fierce discussions about the useful length of RSA-Keys. I don't want to dive deeper into that, and I hope this special question has not been discussed recently:
The generation of large RSA-Keys is extremely well hidden for normal users, it requires batch-mode, enable-large-rsa and a special file with instructions. Thus the danger for inexperienced users to mess up their keys is rather low.
Nevertheless the officially available precompiled Windows-Binaries come without support for these large keys (at least those included into GPG4Win).
May I suggest to compile future builds for Windows with enable-large-secmem?!
Thanks for discussing and considering.
Karel

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Precompiled Windows-Binaries with Large-Secmem-Support [ In reply to ]

gnupg-users at gnupg

Jan 2, 2021, 1:58 PM

Post #2 of 4 (308 views)

Permalink

> I know there are and have been fierce discussions about the useful
> length of RSA-Keys. I don't want to dive deeper into that, and I hope
> this special question has not been discussed recently:

If you're going to propose a change like that, you need to make a case
for it.

* Who currently is being harmed by not supporting RSA-16384?
* Why is RSA-16384 necessary for them?

"Because I think it would be cool" is a good answer if you're the one
writing the patch and volunteering to do long-term support of it. All
other people need to be able to answer it.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Precompiled Windows-Binaries with Large-Secmem-Support [ In reply to ]

gnupg-users at gnupg

Jan 3, 2021, 6:21 AM

Post #3 of 4 (308 views)

Permalink

>
> "Because I think it would be cool" is a good answer if you're the one
> writing the patch and volunteering to do long-term support of it. All
> other people need to be able to answer it.
>

Hello!
I suspect the tone of your reply and the fact that you put me near script kiddies is due to the previous discussions about key length?!
So let me set the record straight on a few things:
I did not talk about 16384bit keys, nor did I suggest or demand a patch for GnuPG.
I merely asked why the official Windows binaries (at least those inGPG4Win) are not compiled with the already existing option "enable-large-secmem", which would allow keys up to 8192bit in batch mode operation, and suggested to do so in future versions.
Much has already been argued about the sense or nonsense, we don't need to repeat that here. But the option is already implemented and used in other ready-made packages, e.g. in Debian Buster. So to the best of my knowledge beyond a setting switch when compiling new versions, there would be no long-term support effort in the code. So why not also under Windows?
Karel

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Precompiled Windows-Binaries with Large-Secmem-Support [ In reply to ]

gnupg-users at gnupg

Jan 3, 2021, 11:19 AM

Post #4 of 4 (308 views)

Permalink

> I merely asked why the official Windows binaries (at least those
> inGPG4Win) are not compiled with the already existing option
> "enable-large-secmem", which would allow keys up to 8192bit in batch

That option has only been introduced to satisfy the needs of a few
nerds and for helping with research tasks. Those who need this should
know how to setup up a build and distribution system needed for their
special needs.

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

Mailing List Archive

Mailing List Archive

Attached Files: