[Pkg-openssl-devel] Bug#487152: [wishlist] openssl.cnf should use default_bits = 2048
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Oct 19 04:23:33 UTC 2011
Package: openssl
Version: 1.0.0e-2
Followup-For: Bug #487152
It's not clear why this adjustment hasn't been applied to
/etc/ssl/openssl.cnf yet. 1024-bit RSA keys have been deprecated by
NIST since 2010. It will soon be 2012.
Thanks for maintaining OpenSSL in debian!
--dkg
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-1-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssl depends on:
ii libc6 2.13-21
ii libssl1.0.0 1.0.0e-2
ii zlib1g 1:1.2.3.4.dfsg-3
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20110502+nmu1
-- no debconf information
More information about the Pkg-openssl-devel
mailing list