Create a proposal for making various minimum/maximum key sizes configurable

[t8m]

openssl/openssl#25094 suggested changing the minimum RSA key size from 512 to 1024 bits.

This will break some use cases - most likely testing. On the other hand 1024 bits is not secure sufficiently anyway so eventually only 2048 bit and above keys should be generated. However this would break even more legacy use cases. To allow them but not allow generating insecure keys by default these minimum (and possibly maximum) key sizes should be made configurable.

A proposal for the configuration needs to be created.

[ryancdotorg]

What if we spit out an obviously bad statically defined key when 512 bit RSA is requested?

This really wouldn't be less secure than generating a random one.

-----BEGIN RSA XXXVATE KEY-----
MIIBUgIBAAJBAKUd//++DANGER+++WEAK+KEY+FOR+TEST+ONLY+++DANGER++//
+1k/tACZNJsobHZ1iS8yvU46Fksc/z9WrnsCAwEAAQJARfkBrOJf+t7AUFOxmsmJ
iFaDMQuL8SlxyZY/Wa6r59NzGeA9NvUVYR86d0/9SMMU/oegQWSUPhG8bFdwRi+0
EQI5AQHNvLBVloaWRzCR47UNC0VukJph7GEzx4+X6WhQ6S8C5JT2NL8qyG8aP/l2
rp4zD3S6LzZq/OapAgkAo/ZErEk9NoMCOGib9CHVSPQpzI9P04cm2Nj+qVyLuaAj
o6mHqeVzV3uE//3V/cdIc/ZpP2ZZmzeEXpQt7HR3a1GpAgh9ttAWrR0TEwI5ALhp
MkQwyNkBrvBdbKoxqsO3oLLtz6bC8KJjarLyn3z48AieMeuV2EPIDmbyMORQeDTF
Y8EKPmBM
-----END RSA XXXVATE KEY-----

[nhorman]

@vdukhovni to write proposal to make this actionable