On Mon, Mar 03, 2014 at 07:37:53PM +0000, Reuben Thomas wrote: > On 3 March 2014 18:13, Gunnar Wolf <gwolf@gwolf.org> wrote: > > As keyring maintainers, we no longer consider 1024D keys to be > > trustable. We are not yet mass-removing them, because we don't want to > > hamper the project's work, but we definitively will start being more > > aggressively deprecating their use. 1024D keys should be seen as > > brute-force vulnerable nowadays. Please do migrate away from them into > > stronger keys (4096R recommended) as soon as possible. > Please could you change https://wiki.debian.org/DebianMaintainer , which > currently says a ">= 2048 bit" key is required (I assume this is still > correct) but does not specifically recommend 4096? I recently became a DM, > and created a 2048 bit key to do so, as that satisfied the advice given on > that page, and also happened to be the default length offered by GPG on my > system. Only after I'd had it signed and uploaded it did I find advice that > new keys should be 4096 bits. > (I've already reported this issue in a couple of different places; the page > is not user-editable or I'd've fixed it myself!) Done. The page is user editable, provided that you're logged in to the wiki. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org
Attachment:
signature.asc
Description: Digital signature