The FAQ says "Such keys were advertised as being full-length, but are actually, half the time, half as long as advertised". This would only be true in base 1. In binary, the keys are only 1 bit shorter. Well, I guess that a quarter of the time they would be 2 bits shorter, etc. -- I haven't checked. On the other hand, OpenSSH keys always have the high bit on, actually making a naive brute force attack easier than against SSH's SSH keys (half as many possible keys). This cannot matter very much.
I agree "half as long" is a little misleading, "half as large" is closer to the truth. wrt the brute force argument, forcing the high-bit on would make the brute force attack harder as there would be more potential factors for a given number (remember these are RSA keys). Though I don't know the scaling for state of the art sieving.
I do not see anything wrong there. A 1023-bit RSA key is a 1023-bit key, and not a 1024-bit key.
A 1023-bit key is not a 512-bit key. Saying that it is "half as long as advertised" is saying that it is a 512-bit key. Not true.
*** This bug has been marked as a duplicate of 132 ***
This is not the same bug as 132. This is a bug in the FAQ. 132 is a bug/feature of real code. They are related, but not the same.
the language has been modified to just say smaller than advertised. they are still half the size, its the base two logarithm that is one shorter.
Mass change of RESOLVED bugs to CLOSED