Comment 4 for bug 237391
Revision history for this message
| Lars Noodén (larsnooden) wrote New connections not made that often | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
@Neal: That's a valid critique of debian's SSL implementation not related to DSA vs RSA.
DSA is faster for signing and RSA is faster for verification.
http://
ftp://ftp.
http://
RSA is weaker than a DSA key of the same length, so to get the same effect, one must use a longer key. I'm not sure that the neubia link above takes that into account. So if the default stays as RSA, it might be an idea to increase the default RSA key length.
These are signature algorithms anyway and only used at the beginning anyway. After the client and server authenticate, the rest is done with ciphers like Blowfish or IDEA. So for SSH it's not a problem to use DSA at all, new connections are not made that often.