On 2017-10-12 14:49:31 [+0100], Toni Mueller wrote:
> Package: openssl
> Version: 1.1.0f-3
> Severity: normal
> Tags: security upstream
>
>
> Hi,
>
> the genrsa(1) manpage suggests that 1024 bits may be a typical key size
> for RSA keys. I have to object - the Debian project deprecated 1024 bit
> keys in GnuPG for a reason, and recently, there was also a bug in GnuPG
> that allowed for 1024 bit keys to be broken.
>
> I'm not suggesting a code change, but that the man page be updated to
> suggest using 2048 bit keys instead.

That is one way to interpret it. The default setting is 2048 bits. The
paragraph describes a problem with keys that are 64 bits in size or less.
I would just drop the last sentence.

> Cheers,
> --Toni++

Sebastian