> Again, I?m not saying using a 16kRSA key is a good idea. It?s not a good idea, > one should really consider ECC instead (both for performance and network > reasons). But keeping this 2048 bytes limit is not a security decision. It?s the > result of a trade-off choice, right. And that doesn't make it a bad decision > either. +1
