Actions
Feature #1858
closed
default SSL-cert should at least use 2048 bit RSA-keys
Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
09/08/2011
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Description
after installing a new box the system-SSL-cert should default to 2048 or even 4096 bit RSA-keys
current: RSA - 1024 bit
expected: >= 2048 bit
TODO: change in /etc/ssl/openssl.cnf
default_bits = 2048
maybe we want to change it even to be 4096?
#paranoiasmile# :)
further reading:
Mozilla: Dates for Phasing out MD5-based signatures and 1024-bit moduli
Microsoft: A Note on Implementation of the Requirement to Issue Longer Key Length Certificates
Updated by 
Updated by 
Updated by
Actions