Message324324
In bug #34399, I updated all RSA keys to 2048. However that not sufficient for future proof settings. Fedora's FUTURE crypto policy requires 3072bit RSA keys. Further more, I forgot to update the signature algorithm, too.
* RSA >= 3072bits
* finite field DH >= 3072bits
* signature algorithm with SHA2-256 or SHA2-384 PKCSv1 #1.5 (I don't think RSASSA-PSS works with OpenSSL 1.0.2 or TLS < 1.0) |
|
Date |
User |
Action |
Args |
2018-08-29 14:17:16 | christian.heimes | set | recipients:
+ christian.heimes, janssen, alex, dstufft |
2018-08-29 14:17:16 | christian.heimes | set | messageid: <1535552236.3.0.56676864532.issue34542@psf.upfronthosting.co.za> |
2018-08-29 14:17:16 | christian.heimes | link | issue34542 messages |
2018-08-29 14:17:16 | christian.heimes | create | |
|