From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] data/glep:master commit in: /
Date: Sun, 29 Jul 2018 20:51:03 +0000 (UTC) [thread overview]
Message-ID: <1532894846.daad7b4d427ad88c919c1357fedd7068ea0b862f.mgorny@gentoo> (raw)
commit: daad7b4d427ad88c919c1357fedd7068ea0b862f
Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 2 20:01:44 2018 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sun Jul 29 20:07:26 2018 +0000
URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=daad7b4d
glep-0063: Change the recommended RSA key size to 2048 bits
Change the recommended key size recommendation for RSA from 4096 bits
to 2048 bits. Use of larger keys is unjustified due to negligible gain
in security, and recommending RSA-4096 unnecessarily resulted
in developers replacing their RSA-2048 keys for no good reason.
glep-0063.rst | 20 +++++++++++++++-----
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/glep-0063.rst b/glep-0063.rst
index f4b49c2..fb09dd8 100644
--- a/glep-0063.rst
+++ b/glep-0063.rst
@@ -7,7 +7,7 @@ Author: Robin H. Johnson <robbat2@gentoo.org>,
Michał Górny <mgorny@gentoo.org>
Type: Standards Track
Status: Final
-Version: 1
+Version: 1.1
Created: 2013-02-18
Last-Modified: 2018-07-07
Post-History: 2013-11-10
@@ -25,6 +25,15 @@ Abstract
This GLEP provides both a minimum requirement and a recommended set of
OpenPGP key management policies for the Gentoo Linux distribution.
+Changes
+=======
+
+v1.1
+ The recommended RSA key size has been changed from 4096 bits
+ to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_.
+ The larger recommendation was unjustified and resulted in people
+ unnecessarily replacing their RSA-2048 keys.
+
Motivation
==========
@@ -113,15 +122,13 @@ their primary key).
# when making an OpenPGP certification, use a stronger digest than the default SHA1:
cert-digest-algo SHA256
-2. Primary key type RSA, 4096 bits (OpenPGP v4 key format or later)
-
- This may require creating an entirely new key.
+2. Primary key type RSA, 2048 bits (OpenPGP v4 key format or later)
3. The signing subkey of EITHER:
a. DSA 2048 bits exactly.
- b. RSA 4096 bits exactly.
+ b. RSA 2048 bits exactly.
4. Key expiry:
@@ -174,6 +181,9 @@ Much of the above was driven by the following:
References
==========
+.. [#GNUPG-FAQ-11-4] GnuPG FAQ: Why doesn’t GnuPG default to using RSA-4096?
+ (https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa4096)
+
.. [#DEBIANGPG] Debian GPG documentation
(https://wiki.debian.org/Keysigning)
next reply other threads:[~2018-07-29 20:51 UTC|newest]
Thread overview: 348+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-29 20:51 Michał Górny [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-09-26 11:44 [gentoo-commits] data/glep:master commit in: / Ulrich Müller
2024-09-08 19:29 Ulrich Müller
2024-09-08 19:21 Ulrich Müller
2024-07-22 5:43 Ulrich Müller
2024-07-22 5:43 ` Ulrich Müller
2024-07-16 16:18 Ulrich Müller
2024-04-16 18:36 Ulrich Müller
2024-04-16 18:36 Ulrich Müller
2024-04-16 18:36 Ulrich Müller
2024-04-16 18:36 Ulrich Müller
2024-02-27 9:30 Ulrich Müller
2023-12-02 12:02 Ulrich Müller
2023-12-02 12:02 Ulrich Müller
2023-09-16 16:20 Ulrich Müller
2023-09-15 15:30 Ulrich Müller
2023-05-14 19:14 Ulrich Müller
2023-05-14 19:14 Ulrich Müller
2023-05-08 19:16 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-05-08 17:12 Ulrich Müller
2023-04-16 8:08 [gentoo-commits] data/glep:glep39 " Ulrich Müller
2023-05-08 17:12 ` [gentoo-commits] data/glep:master " Ulrich Müller
2023-04-16 8:08 [gentoo-commits] data/glep:glep39 " Ulrich Müller
2023-05-08 17:12 ` [gentoo-commits] data/glep:master " Ulrich Müller
2023-04-16 8:08 [gentoo-commits] data/glep:glep39 " Ulrich Müller
2023-05-08 17:12 ` [gentoo-commits] data/glep:master " Ulrich Müller
2023-04-10 13:29 [gentoo-commits] data/glep:glep39 " Ulrich Müller
2023-03-12 20:10 ` [gentoo-commits] data/glep:master " Ulrich Müller
2023-04-10 13:29 [gentoo-commits] data/glep:glep39 " Ulrich Müller
2023-03-12 20:10 ` [gentoo-commits] data/glep:master " Ulrich Müller
2023-04-01 9:04 Ulrich Müller
2023-04-01 9:04 Ulrich Müller
2023-03-12 20:14 Ulrich Müller
2023-03-12 20:10 Ulrich Müller
2023-03-12 20:10 Ulrich Müller
2023-02-22 8:18 Ulrich Müller
2022-11-15 20:10 Michał Górny
2022-11-13 20:20 Ulrich Müller
2022-11-13 20:20 Ulrich Müller
2022-11-13 20:20 Ulrich Müller
2022-11-13 20:20 Ulrich Müller
2022-11-13 20:20 Ulrich Müller
2022-11-13 20:20 Ulrich Müller
2022-11-13 16:57 [gentoo-commits] data/glep:glep76 " Ulrich Müller
2022-11-03 12:40 ` [gentoo-commits] data/glep:master " Ulrich Müller
2022-11-13 16:57 [gentoo-commits] data/glep:glep76 " Ulrich Müller
2022-11-03 12:40 ` [gentoo-commits] data/glep:master " Ulrich Müller
2022-11-03 12:40 Ulrich Müller
2022-11-03 12:40 Ulrich Müller
2022-10-30 13:59 Michał Górny
2022-10-14 15:35 Michał Górny
2022-10-14 15:35 Michał Górny
2022-10-04 6:56 Michał Górny
2022-10-04 6:56 Michał Górny
2022-10-04 6:56 Michał Górny
2022-09-21 17:31 Michał Górny
2022-09-21 17:31 Michał Górny
2022-09-21 17:31 Michał Górny
2022-09-12 6:20 Michał Górny
2022-09-12 6:20 Michał Górny
2022-09-12 6:20 Michał Górny
2022-09-12 6:20 Michał Górny
2022-09-12 6:20 Michał Górny
2022-08-14 19:35 Ulrich Müller
2022-08-14 19:32 Ulrich Müller
2022-08-14 19:29 Ulrich Müller
2022-08-14 19:29 Ulrich Müller
2022-07-31 21:45 Ulrich Müller
2022-07-31 21:26 Ulrich Müller
2022-07-31 17:28 Ulrich Müller
2022-07-31 17:28 Ulrich Müller
2022-07-25 19:59 Ulrich Müller
2022-07-25 19:59 Ulrich Müller
2022-07-16 7:04 Ulrich Müller
2022-07-14 10:30 Ulrich Müller
2022-07-14 10:30 Ulrich Müller
2022-07-14 10:30 Ulrich Müller
2022-07-14 10:30 Ulrich Müller
2022-07-11 19:26 Ulrich Müller
2022-07-09 10:08 Ulrich Müller
2022-07-08 17:36 Ulrich Müller
2022-07-08 17:36 Ulrich Müller
2022-07-02 8:37 Ulrich Müller
2022-06-12 19:13 Ulrich Müller
2022-06-12 19:09 Ulrich Müller
2022-05-08 5:48 Ulrich Müller
2022-05-08 5:48 Ulrich Müller
2022-05-08 5:48 Ulrich Müller
2022-04-15 5:50 Ulrich Müller
2022-04-15 4:27 Robin H. Johnson
2022-01-10 6:14 Ulrich Müller
2021-09-12 19:24 Ulrich Müller
2021-09-11 14:03 Ulrich Müller
2021-08-08 20:06 Ulrich Müller
2021-07-12 7:04 Ulrich Müller
2021-06-20 16:42 Ulrich Müller
2021-06-17 20:08 Ulrich Müller
2021-06-09 7:32 Michał Górny
2021-05-31 8:44 Ulrich Müller
2021-05-31 8:12 Michał Górny
2021-03-14 19:57 Michał Górny
2021-01-04 7:12 Ulrich Müller
2020-05-10 19:36 Ulrich Müller
2020-05-06 8:30 Michał Górny
2020-05-01 19:49 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-22 9:00 Ulrich Müller
2020-04-12 17:37 Ulrich Müller
2019-12-21 13:05 Ulrich Müller
2019-12-08 19:38 Ulrich Müller
2019-12-05 15:07 Ulrich Müller
2019-11-24 10:23 Ulrich Müller
2019-11-24 10:23 Ulrich Müller
2019-11-15 11:59 Ulrich Müller
2019-11-11 10:00 Ulrich Müller
2019-11-11 9:49 Ulrich Müller
2019-11-11 9:49 Ulrich Müller
2019-11-07 6:35 Michał Górny
2019-11-06 14:36 Ulrich Müller
2019-10-07 10:58 Ulrich Müller
2019-07-30 18:48 Ulrich Müller
2019-07-29 14:51 Michał Górny
2019-07-22 7:15 Ulrich Müller
2019-07-15 19:01 Michał Górny
2019-06-18 13:04 Michał Górny
2019-06-18 12:34 Ulrich Müller
2019-06-18 12:24 Michał Górny
2019-06-17 20:14 Ulrich Müller
2019-06-10 16:33 Ulrich Müller
2019-06-10 15:58 Ulrich Müller
2019-05-13 18:44 Ulrich Müller
2019-05-13 18:44 Ulrich Müller
2019-05-02 16:40 Michał Górny
2019-04-14 21:04 Ulrich Müller
2019-04-14 12:54 Michał Górny
2019-04-03 8:12 Michał Górny
2019-04-02 13:43 Michał Górny
2019-03-14 13:10 Michał Górny
2019-03-14 13:10 Michał Górny
2019-03-03 20:52 Ulrich Müller
2019-03-03 7:16 Michał Górny
2019-02-23 15:35 Ulrich Müller
2019-02-23 10:26 Ulrich Müller
2018-12-21 10:16 Ulrich Müller
2018-12-08 9:41 Ulrich Müller
2018-12-01 12:59 Ulrich Müller
2018-12-01 12:59 Ulrich Müller
2018-12-01 10:43 Ulrich Müller
2018-11-17 13:08 Ulrich Müller
2018-10-28 18:50 Ulrich Müller
2018-10-27 7:31 Ulrich Müller
2018-10-27 7:31 Ulrich Müller
2018-10-21 11:10 Ulrich Müller
2018-10-21 11:10 Ulrich Müller
2018-10-21 11:10 Ulrich Müller
2018-10-21 11:10 Ulrich Müller
2018-09-15 23:02 Ulrich Müller
2018-09-12 11:43 Ulrich Müller
2018-09-12 11:29 Ulrich Müller
2018-09-08 13:42 Ulrich Müller
2018-08-31 15:35 [gentoo-commits] data/glep:glep-0076 " Ulrich Müller
2018-08-31 14:57 ` [gentoo-commits] data/glep:master " Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-08-31 14:57 Ulrich Müller
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-29 20:51 Michał Górny
2018-07-17 22:39 Ulrich Müller
2018-07-17 22:39 Ulrich Müller
2018-07-13 13:06 Ulrich Müller
2018-07-13 13:06 Ulrich Müller
2018-06-19 17:15 Ulrich Müller
2018-06-19 17:15 Ulrich Müller
2018-06-10 20:36 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-06-10 18:42 Ulrich Müller
2018-05-19 12:20 Ulrich Müller
2018-04-17 18:42 Ulrich Müller
2018-04-09 19:26 Ulrich Müller
2018-04-08 20:05 Ulrich Müller
2018-04-07 17:00 Ulrich Müller
2018-03-11 19:20 Michał Górny
2018-03-11 19:20 Michał Górny
2018-02-07 15:00 Ulrich Müller
2018-02-07 15:00 Ulrich Müller
2018-02-07 15:00 Ulrich Müller
2018-02-07 15:00 Ulrich Müller
2017-12-27 13:11 Ulrich Müller
2017-12-16 9:00 Michał Górny
2017-12-11 7:53 Ulrich Müller
2017-12-11 7:53 Ulrich Müller
2017-12-11 7:53 Ulrich Müller
2017-12-11 7:53 Ulrich Müller
2017-12-11 7:53 Ulrich Müller
2017-11-29 14:51 Michał Górny
2017-11-27 20:25 Ulrich Müller
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-25 20:49 Michał Górny
2017-11-21 20:44 Ulrich Müller
2017-11-18 22:21 Ulrich Müller
2017-11-13 17:35 [gentoo-commits] data/glep:glep-manifest " Michał Górny
2017-11-13 16:08 ` [gentoo-commits] data/glep:master " Michał Górny
2017-11-13 17:35 [gentoo-commits] data/glep:glep-manifest " Michał Górny
2017-11-13 16:08 ` [gentoo-commits] data/glep:master " Michał Górny
2017-11-13 17:34 Ulrich Müller
2017-11-13 16:08 Michał Górny
2017-11-13 16:08 Michał Górny
2017-11-13 14:45 Ulrich Müller
2017-11-12 21:17 Ulrich Müller
2017-11-12 21:17 Ulrich Müller
2017-11-12 21:17 Ulrich Müller
2017-11-12 21:17 Ulrich Müller
2017-11-10 8:11 Ulrich Müller
2017-11-09 14:14 Ulrich Müller
2017-11-09 6:03 Ulrich Müller
2017-11-07 21:05 Ulrich Müller
2017-11-06 7:48 Ulrich Müller
2017-11-04 18:03 Ulrich Müller
2017-11-04 18:03 Ulrich Müller
2017-11-04 17:24 Robin H. Johnson
2017-11-04 17:24 Robin H. Johnson
2017-11-03 16:49 Ulrich Müller
2017-11-02 19:09 [gentoo-commits] data/glep:glep-manifest " Michał Górny
2017-10-27 17:44 ` [gentoo-commits] data/glep:master " Michał Górny
2017-11-02 19:09 [gentoo-commits] data/glep:glep-manifest " Michał Górny
2017-10-27 17:44 ` [gentoo-commits] data/glep:master " Michał Górny
2017-10-28 11:57 Ulrich Müller
2017-10-28 10:12 Ulrich Müller
2017-10-19 5:24 Ulrich Müller
2017-10-18 11:38 Ulrich Müller
2017-10-18 11:38 Ulrich Müller
2017-10-17 12:27 Ulrich Müller
2017-10-17 12:27 Ulrich Müller
2017-10-15 19:47 Michał Górny
2017-10-15 19:47 Michał Górny
2017-10-15 19:45 Michał Górny
2017-10-15 19:45 Michał Górny
2017-10-15 19:45 Michał Górny
2017-10-15 19:45 Michał Górny
2017-10-15 19:45 Michał Górny
2017-10-15 19:45 Michał Górny
2017-10-15 19:18 Ulrich Müller
2017-10-15 19:18 Ulrich Müller
2017-10-15 19:18 Ulrich Müller
2017-10-15 19:18 Ulrich Müller
2017-10-14 9:20 Ulrich Müller
2017-10-14 9:20 Ulrich Müller
2017-10-14 9:20 Ulrich Müller
2017-10-14 9:20 Ulrich Müller
2017-10-14 9:20 Ulrich Müller
2017-10-14 9:20 Ulrich Müller
2017-10-12 12:17 Ulrich Müller
2017-10-12 12:17 Ulrich Müller
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
2017-10-09 13:56 Michał Górny
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1532894846.daad7b4d427ad88c919c1357fedd7068ea0b862f.mgorny@gentoo \
--to=mgorny@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox