gpg: default to 3072-bit RSA keys.
* agent/command.c (hlp_genkey): update help text to suggest the use of 3072 bits. * doc/wks.texi: Make example match default generation. * g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment, (gen_rsa, get_keysize_range): update default from 2048 to 3072). * g10/keyid.c (pubkey_string): update comment so that first example is the default 3072-bit RSA.
3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.
(cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c)
Gbp-Pq: Topic from-master
Gbp-Pq: Name gpg-default-to-3072-bit-RSA-keys.patch
- Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>