@foone
Anything ECDSA will do really, though some curves are better than others.
Personally I have an RSA key for annoying old machines and a NIST P-384 key for everything else, but ed25519 is pretty popular too and in the same ball park.
Some people don't like the NIST curves because the NSA muddled with Dual_EC_DRBG, but that incident was suspected before confirmed by Snowden, and no similar suspicions exist for the NIST curves.
Anything ECDSA will do really, though some curves are better than others.
Personally I have an RSA key for annoying old machines and a NIST P-384 key for everything else, but ed25519 is pretty popular too and in the same ball park.
Some people don't like the NIST curves because the NSA muddled with Dual_EC_DRBG, but that incident was suspected before confirmed by Snowden, and no similar suspicions exist for the NIST curves.
@foone
... Except that ed25519 isn't ECDSA, it's EdDSA.
Similar enough that it doesn't really matter for the above advice, but still.
... Except that ed25519 isn't ECDSA, it's EdDSA.
Similar enough that it doesn't really matter for the above advice, but still.
- replies
- 0
- announces
- 0
- likes
- 0