Package: python-gnupg
Version: 0.3.4-1
Severity: normal
in gnupg.py's declaration of the GPG class, we see:
976 def gen_key_input(self, **kwargs):
977 """
978 Generate --gen-key input per gpg doc/DETAILS
979 """
980 parms = {}
981 for key, val in list(kwargs.items()):
982 key = key.replace('_','-').title()
983 if str(val).strip(): # skip empty strings
984 parms[key] = val
985 parms.setdefault('Key-Type','RSA')
986 parms.setdefault('Key-Length',1024)
1024-bit RSA keys have been deprecated for years now [0]. gpg itself
defaults to 2048 bits. gnupg.py should not encourage creation of weak
keys.
--dkg
[0] pp. 63-66 of
http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.11-rc4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages python-gnupg depends on:
ii gnupg 1.4.14-1
ii python 2.7.5-4
python-gnupg recommends no packages.
python-gnupg suggests no packages.
-- debconf-show failed
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
