diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2017-09-07 22:41:10 +0000 |
|---|---|---|
| committer | Daniel Kahn Gillmor <[email protected]> | 2019-07-20 18:16:20 +0000 |
| commit | 9420c525db20719682ea4aeca41e7af058309ecb (patch) | |
| tree | 0aa093fe9b0950d072d0e137c416a1756e6968b0 /agent/command.c | |
| parent | agent: Avoid scheduled checks on socket when inotify is working. (diff) | |
| download | gnupg-9420c525db20719682ea4aeca41e7af058309ecb.tar.gz gnupg-9420c525db20719682ea4aeca41e7af058309ecb.zip | |
gpg: default to 3072-bit RSA keys.
* agent/command.c (hlp_genkey): update help text to suggest the use of
3072 bits.
* doc/wks.texi: Make example match default generation.
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to
rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment,
(gen_rsa, get_keysize_range): update default from 2048 to 3072).
* g10/keyid.c (pubkey_string): update comment so that first example
is the default 3072-bit RSA.
--
3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
(cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c)
Gbp-Pq: Topic from-master
Gbp-Pq: Name gpg-default-to-3072-bit-RSA-keys.patch
Diffstat (limited to '')
| -rw-r--r-- | agent/command.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/agent/command.c b/agent/command.c index c24fc80fd..72b597318 100644 --- a/agent/command.c +++ b/agent/command.c @@ -843,7 +843,7 @@ static const char hlp_genkey[] = "\n" " C: GENKEY\n" " S: INQUIRE KEYPARAM\n" - " C: D (genkey (rsa (nbits 2048)))\n" + " C: D (genkey (rsa (nbits 3072)))\n" " C: END\n" " S: D (public-key\n" " S: D (rsa (n 326487324683264) (e 10001)))\n" |