Doc out of date for dnssec-keygen (max rsa length)
Summary
The documentation for dnssec-keygen is not up to date for rsa key max length
BIND version used
err, named -V does not return anything. is it supposed to work ? no matter. FTR, it's named 9.11.3+dfsg-1ubuntu1 from UBUNTU 18.04 LTS but I don't think it matters since git cloning the code today shows that this issue still exists
Steps to reproduce
man dnssec-keygen
What is the current bug behavior?
displays: -b keysize Specifies the number of bits in the key. The choice of key size depends on the algorithm used. RSA keys must be between 512 and 2048 bits
What is the expected correct behavior?
-b keysize Specifies the number of bits in the key. The choice of key size depends on the algorithm used. RSA keys must be between 512 and 4096 bits
see bin/dnssec/dnssec-keygen.c:#define MAX_RSA 4096 /* should be long enough... */
indeed using -b 4096 is accepted and it works.
html documentation has the same problem