diff --git a/common.ent b/common.ent index 812a800..eeaab54 100644 --- a/common.ent +++ b/common.ent @@ -97,6 +97,7 @@ <!ENTITY url-newmaint-id "https://&www-debian-org;/devel/join/nm-step2"> <!ENTITY url-newmaint-guide "https://&www-debian-org;/doc/maint-guide/"> <!ENTITY url-gpg-coord "https://wiki.debian.org/Keysigning"> +<!ENTITY url-gpg-keylength "https://&lists-host;/debian-devel-announce/2010/09/msg00003.html"> <!ENTITY url-debian-security-advisories "https://&www-debian-org;/security/"> <!ENTITY url-tech-ctte "https://&www-debian-org;/devel/tech-ctte"> <!ENTITY url-ddpo "https://qa.debian.org/developer.php"> diff --git a/new-maintainer.dbk b/new-maintainer.dbk index 5ee79ab..79d0817 100644 --- a/new-maintainer.dbk +++ b/new-maintainer.dbk @@ -150,8 +150,9 @@ url="&url-rfc2440;">RFC 2440</ulink>. </para> <para> You need a version 4 key for use in Debian Development. <ulink -url="https://lists.debian.org/20090520092534.GG22906@earth.li">Your key length must -be greater than 1024 bits</ulink>; there is no reason to use a smaller key, and doing so +url="&url-gpg-keylength;">Your key length must +be greater than 2048 bits (4096 bits is preferred)</ulink>; +there is no reason to use a smaller key, and doing so would be much less secure.<footnote><para> Version 4 keys are keys conforming to the OpenPGP standard as defined in RFC 2440. Version 4 is the key type that has always been created when using GnuPG. PGP versions since 5.x also could