Hi, everyone. Here's a series of patches for GLEP 63 (key policies). The first three patches are merely editorial changes. The fourth is an actual recommended policy change.
The editorial changes are: 1. Using 'OpenPGP' instead of 'GPG' where appropriate. 2. Replacing 'RSAv4' with more correct term. 3. Clarifying the sentence on minimal key requirement to make it clear that dedicated signing subkey is also part of it. The policy change is changing the recommendation from RSA-4096 to RSA-2048. This does not require developers to reroll their RSA-4096 keys but aims to prevent people unnecessarily replacing RSA-2048 with RSA-4096. The new recommendation matches what GnuPG FAQ suggests [1] (see 11.4, 11.5). Long story short, RSA-4096 is only a little stronger than RSA-2048 while it is much slower. If someone really wants to use it, sure; but generally we shouldn't be encouraging people to use it. [1]:https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa4096 -- Best regards, Michał Górny Michał Górny (4): glep-0063: Use 'OpenPGP' as appropriate glep-0063: RSAv4 -> OpenPGP v4 key format glep-0063: Clarify dedicated signing subkey in minimal reqs glep-0063: Change the recommended RSA key size to 2048 bits glep-0063.rst | 44 ++++++++++++++++++++++++++++---------------- 1 file changed, 28 insertions(+), 16 deletions(-) -- 2.18.0
