security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpgsm: default to 3072-bit keys.

Browse source 
* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: : update
default to 3072 bits.
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to
3072 bits.
* sm/certreqgen.c (proc_parameters): update default to 3072 bits.
* sm/gpgsm.c (main): print correct default_pubkey_algo.

--

3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Topic update-defaults
Gbp-Pq: Name 0014-gpgsm-default-to-3072-bit-keys.patch
(cherry picked from commit 7955262151)
This commit is contained in:
Daniel Kahn Gillmor 2017-09-07 18:39:37 -04:00 committed by Andre Heinecke
parent 92e26ade5c
commit 121286d9d1
No known key found for this signature in database
GPG key ID: 2978E9D40CBABA5C
5 changed files with 12 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
sm/certreqgen-ui.c
View file

@ -138,7 +138,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream)
unsigned int nbits;
int minbits = 1024;
int maxbits = 4096;
int defbits = 2048;
int defbits = 3072;
const char *keyusage;
char *subject_name;
membuf_t mb_email, mb_dns, mb_uri, mb_result;