Comment 4 for bug 237391

Lars Noodén (larsnooden) wrote : New connections not made that often

@Neal: That's a valid critique of Debian's SSL implementation, not related to DSA vs RSA.

DSA is faster for signing and RSA is faster for verification.
  http://neubia.com/archives/000191.html
  ftp://ftp.rfc-editor.org/in-notes/rfc2536.txt
  http://home.pacbell.net/tpanero/crypto/dsa.html

RSA is weaker than a DSA key of the same length, so to get the same effect, one must use a longer key. I'm not sure that the neubia link above takes that into account. So if the default stays as RSA, it might be an idea to increase the default RSA key length.

These are signature algorithms anyway and only used at the beginning anyway. After the client and server authenticate, the rest is done with ciphers like Blowfish or IDEA. So for SSH it's not a problem to use DSA at all; new connections are not made that often.