Mention in the documentation that the method of generating RSA keys

might give a bit count one less than the one the user asked for. Two
people have been worried by this now, and it's probably worth
documenting that it's perfectly normal.

[originally from svn r2369]

doc/pubkey.but

@@ -1,4 +1,4 @@
-\versionid $Id: pubkey.but,v 1.19 2002/11/01 21:50:35 jacob Exp $
+\versionid $Id: pubkey.but,v 1.20 2002/12/27 16:54:14 simon Exp $
 
 \C{pubkey} Using public keys for SSH authentication
 
@@ -150,6 +150,18 @@ of the key PuTTYgen will generate.
 
 Currently 1024 bits should be sufficient for most purposes.
 
+Note that an RSA key is generated by finding two primes of half the
+length requested, and then multiplying them together. For example,
+if you ask PuTTYgen for a 1024-bit RSA key, it will create two
+512-bit primes and multiply them. The result of this multiplication
+might be 1024 bits long, or it might be only 1023; so you may not
+get the exact length of key you asked for. This is perfectly normal,
+and you do not need to worry. The lengths should only ever differ by
+one, and there is no perceptible drop in security as a result.
+
+DSA keys are not created by multiplying primes together, so they
+should always be exactly the length you asked for.
+
 \S{puttygen-generate} The \q{Generate} button
 
 \cfg{winhelp-topic}{puttygen.generate}