Andrey Jivsov <openpgp(_at_)brainhub(_dot_)org> writes:
NIST is working on SP 800 131, in which RSA 2048 is the minimum
allowed algorithm, corresponding to 110 bit security. The document
suggests to disallow PKCS#1.5 padding after 2013. If we are going to
address this, it makes sense to do such a significant change together
along with ECC, as specified in
http://sites.google.com/site/brainhub/pgp.
Supporting PKCS#1 v2.0 padding sounds like a separate effort though. Is
anyone interested in that?
/Simon