Requirement: It MUST be possible to configure the software so that smaller keylengths are completely disabled

[UlisesGascon]

Original discussion: https://github.com/nodejs/security-wg/pull/954/files#r1179650439
@mhdawson @tniessen @richardlau

The security mechanisms within the software produced by the project MUST use default keylengths that at least meet the NIST minimum requirements through the year 2030 (as stated in 2012). It MUST be possible to configure the software so that smaller keylengths are completely disabled.

[RafaelGSS]

If someone wants to, they can use custom OpenSSL configurations, custom OpenSSL providers, or even custom dynamically linked OpenSSL builds to "configure" Node.js's crypto module