diff options
author | Michał Górny <mgorny@gentoo.org> | 2018-07-04 12:13:20 +0200 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2018-07-29 22:07:26 +0200 |
commit | 0c3faea77f9bcb5efec82b175b704408e48572fa (patch) | |
tree | e4cf3c593628b10c3d4a386e35f2ddf16054209a /glep-0063.rst | |
parent | glep-0063: Require renewal 2 weeks before expiration (diff) | |
download | glep-0c3faea77f9bcb5efec82b175b704408e48572fa.tar.gz glep-0c3faea77f9bcb5efec82b175b704408e48572fa.tar.bz2 glep-0c3faea77f9bcb5efec82b175b704408e48572fa.zip |
glep-0063: Disallow using DSA keys
There really is no technical reason to use DSA keys and people who are
still using old DSA keys should finally replace them, so remove them
from the minimal requirements.
Diffstat (limited to 'glep-0063.rst')
-rw-r--r-- | glep-0063.rst | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/glep-0063.rst b/glep-0063.rst index ca834a8..300456b 100644 --- a/glep-0063.rst +++ b/glep-0063.rst @@ -37,6 +37,8 @@ v2 has been added. This is in order to give services and other developers time to refresh the key. + The usage of DSA keys has been disallowed. + v1.1 The recommended RSA key size has been changed from 4096 bits to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_. @@ -78,11 +80,9 @@ not be used to commit. 3. Primary key and the signing subkey are both of type EITHER: - a. DSA, 2048-bit - - b. RSA, >=2048 bits (OpenPGP v4 key format or later only) + a. RSA, >=2048 bits (OpenPGP v4 key format or later only) - c. ECC curve 25519 + b. ECC curve 25519 4. Expiration date on key and all subkeys set to no more than 900 days into the future |