[Pkg-openssl-devel] Bug#487152: Bug#487152: [wishlist] openssl.cnf should use default_bits = 2048
Christoph Martin
martin at uni-mainz.de
Mon Jun 23 11:15:13 UTC 2008
Jamie Strandboge schrieb:
> Package: openssl
> Version: 0.9.8g-4ubuntu3.1
> Severity: wishlist
>
>
> As we are approaching a time when 1024 bits is not going to be long
> enough, it might be a good idea to consider changing openssl.cnf to
> have:
>
> [ req ]
> default_bits = 2048
>
> Interestingly, while it is currently 1024, the man page still says 512:
>
> $ man req
> ....
> default_bits
> This specifies the default key size in bits. If not specified then
> 512 is used. It is used if the -new option is used. It can be over‐
> ridden by using the -newkey option.
> ....
1024 is the default in openssl.cnf but is it also in the code when you
don't use the conf entry?
Christoph
--
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
Internet-Mail: Christoph.Martin at Verwaltung.Uni-Mainz.DE
Telefon: +49-6131-3926337
Fax: +49-6131-3922856
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20080623/ad04264d/attachment-0001.pgp
More information about the Pkg-openssl-devel
mailing list