Author christian.heimes
Recipients alex, christian.heimes, dstufft, janssen
Date 2018-08-29.14:17:16
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1535552236.3.0.56676864532.issue34542@psf.upfronthosting.co.za>
In-reply-to
Content
In bug #34399, I updated all RSA keys to 2048. However that not sufficient for future proof settings. Fedora's FUTURE crypto policy requires 3072bit RSA keys. Further more, I forgot to update the signature algorithm, too.

* RSA >= 3072bits
* finite field DH >= 3072bits
* signature algorithm with SHA2-256 or SHA2-384 PKCSv1 #1.5 (I don't think RSASSA-PSS works with OpenSSL 1.0.2 or TLS < 1.0)
History
Date User Action Args
2018-08-29 14:17:16christian.heimessetrecipients: + christian.heimes, janssen, alex, dstufft
2018-08-29 14:17:16christian.heimessetmessageid: <1535552236.3.0.56676864532.issue34542@psf.upfronthosting.co.za>
2018-08-29 14:17:16christian.heimeslinkissue34542 messages
2018-08-29 14:17:16christian.heimescreate