On 3 March 2014 18:13, Gunnar Wolf <gwolf@gwolf.org [1]> wrote:
As keyring maintainers, we no longer consider 1024D keys to be
trustable. We are not yet mass-removing them, because we don't want to
hamper the project's work, but we definitively will start being more
aggressively deprecating their use. 1024D keys should be seen as
brute-force vulnerable nowadays. Please do migrate away from them into
stronger keys (4096R recommended) as soon as possible.

Please could you change https://wiki.debian.org/DebianMaintainer [2],
which currently says a ">= 2048 bit" key is required (I assume this is
still correct) but does not specifically recommend 4096? I recently
became a DM, and created a 2048 bit key to do so, as that satisfied
the advice given on that page, and also happened to be the default
length offered by GPG on my system. Only after I'd had it signed and
uploaded it did I find advice that new keys should be 4096 bits.
(I've already reported this issue in a couple of different places; the
page is not user-editable or I'd've fixed it myself!)
Links:
------
[1] mailto:gwolf@gwolf.org
[2] https://wiki.debian.org/DebianMaintainer