Package: gnupg Version: 2.2.20-1 Severity: minor File: /usr/share/info/gnupg.info.gz
The documentation for ---default-new-key-algo says that the default is rsa2048/cert,sign+rsa2048/encr but gpg-default-to-3072-bit-RSA-keys.patch changes this to rsa3072/cert,sign+rsa3072/encr. I suggest updating the wording so: This option can be used to change the default algorithms for key generation. The STRING is similar to the arguments required for the command '--quick-add-key' but slightly different. For example the current default of '"rsa3072/cert,sign+rsa3072/encr"' can be changed to the value of what we currently call future default, which is '"ed25519/cert,sign+cv25519/encr"'. You need to consult the source code to learn the details. Note that the advanced key generation commands can always be used to specify a key algorithm directly. The default of rsa3072 is specific to Debian. Upstream GPG still defaults to rsa2048. -- System Information: Debian Release: 10.3 APT prefers stable-debug APT policy: (570, 'stable-debug'), (570, 'stable'), (550, 'testing-debug'), (550, 'testing'), (530, 'unstable-debug'), (530, 'unstable'), (500, 'stable-updates'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.6.0-1-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_USER, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: SELinux: enabled - Mode: Permissive - Policy name: default Versions of packages gnupg depends on: ii dirmngr 2.2.20-1 ii gnupg-l10n 2.2.20-1 ii gnupg-utils 2.2.20-1 ii gpg 2.2.20-1 ii gpg-agent 2.2.20-1 ii gpg-wks-client 2.2.20-1 ii gpg-wks-server 2.2.20-1 ii gpgsm 2.2.20-1 ii gpgv 2.2.20-1 gnupg recommends no packages. Versions of packages gnupg suggests: pn parcimonie <none> pn xloadimage <none> -- no debconf information