diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2017-09-08 00:39:37 +0200 |
|---|---|---|
| committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2017-09-08 17:37:42 +0200 |
| commit | 7955262151a5c755814dd23414e6804f79125355 (patch) | |
| tree | fc592816033c3a742fa3c50ad967dd41c130f189 /doc/gpgsm.texi | |
| parent | tests: Fix a test which specifies expiration date. (diff) | |
| download | gnupg2-7955262151a5c755814dd23414e6804f79125355.tar.xz gnupg2-7955262151a5c755814dd23414e6804f79125355.zip | |
gpgsm: default to 3072-bit keys.
* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update
default to 3072 bits.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to
3072 bits.
* sm/certreqgen.c (proc_parameters): update default to 3072 bits.
* sm/gpgsm.c (main): print correct default_pubkey_algo.
--
3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Gbp-Pq: Topic update-defaults
Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch
Diffstat (limited to 'doc/gpgsm.texi')
| -rw-r--r-- | doc/gpgsm.texi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 5d79ce54e..bdc6b8771 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -1073,7 +1073,7 @@ key. The algorithm must be capable of signing. This is a required parameter. The only supported value for @var{algo} is @samp{rsa}. @item Key-Length: @var{nbits} -The requested length of a generated key in bits. Defaults to 2048. +The requested length of a generated key in bits. Defaults to 3072. @item Key-Grip: @var{hexstring} This is optional and used to generate a CSR or certificate for an |