[nycbug-talk] RSA/DSA for encryption: has it's time come?

Okan Demirmen okan at demirmen.com
Tue Aug 27 16:55:41 EDT 2013

On Wed, Aug 7, 2013 at 9:58 AM, Isaac (.ike) Levy
<ike at blackskyresearch.net> wrote:
> Hi All,
> I'd love to know what people's thoughts are on the state of older
> RSA/DSA encryption, versus the future of eliptic curve ECDSA:
> http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/
> --
> A few years ago, a number of us were wary of the brand-spankin'-new ECC
> crypto for use in SSH public keys.  And then months later, there were
> some ECDSA/ssh implementation problems exposed:
> http://marc.info/?l=openssh-unix-dev&m=130613765816780&w=2
> So, that was 2 years ago, ECDSA implementations are now no longer in
> their infancy.
> --
> What are people's thoughts on the practicality of starting to use ECDSA
> keys?
> Has anyone here seen their use mandated over RSA/DSA in a business setting?
> Has anyone just jumped into ECDSA bliss, and not looked back?

Not that this might mean much, but I use them.

As for policies in a business setting; I gather such technical
policies are made by people like you, so it's likely up to what folks
like you write in said policies :)

More information about the talk mailing list