aboutsummaryrefslogtreecommitdiffstats
path: root/sm/certreqgen-ui.c
diff options
context:
space:
mode:
authorDaniel Kahn Gillmor <[email protected]>2017-09-07 22:39:37 +0000
committerDaniel Kahn Gillmor <[email protected]>2017-09-08 15:37:42 +0000
commit7955262151a5c755814dd23414e6804f79125355 (patch)
treefc592816033c3a742fa3c50ad967dd41c130f189 /sm/certreqgen-ui.c
parenttests: Fix a test which specifies expiration date. (diff)
downloadgnupg-7955262151a5c755814dd23414e6804f79125355.tar.gz
gnupg-7955262151a5c755814dd23414e6804f79125355.zip
gpgsm: default to 3072-bit keys.
* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update default to 3072 bits. * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to 3072 bits. * sm/certreqgen.c (proc_parameters): update default to 3072 bits. * sm/gpgsm.c (main): print correct default_pubkey_algo. -- 3072-bit RSA is widely considered to be 128-bit-equivalent security. This is a sensible default in 2017. Signed-off-by: Daniel Kahn Gillmor <[email protected]> Gbp-Pq: Topic update-defaults Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch
Diffstat (limited to 'sm/certreqgen-ui.c')
-rw-r--r--sm/certreqgen-ui.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c
index 9772a3baf..4f8a1ac9d 100644
--- a/sm/certreqgen-ui.c
+++ b/sm/certreqgen-ui.c
@@ -138,7 +138,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream)
unsigned int nbits;
int minbits = 1024;
int maxbits = 4096;
- int defbits = 2048;
+ int defbits = 3072;
const char *keyusage;
char *subject_name;
membuf_t mb_email, mb_dns, mb_uri, mb_result;
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 08:03:43 +0000