Le 07/02/2017 à 05:01, Patrick Figel a écrit :
> On 27/01/2017 19:53, Ryan Sleevi wrote:
>> On Fri, Jan 27, 2017 at 3:47 AM, Gervase Markham <[email protected]>
wrote:
>>>
>>> * RSA keys with a minimum modulus size of 2048 bits
>>>
>>
>> Nits and niggles: Perhaps 2048, 3072, 4096?
>>
>> - 8K RSA keys cause Web PKI interop problems
>> - RSA keys that aren't modulo 8 create interop problems
>
> It looks like a number of CAs currently accept RSA keys with modulus
> sizes != (2048, 3072, 4096). Censys currently finds 21,150 EE certs[1].
> Does it make more sense to explicitly add the mod 8 requirement to the
> policy in this case, while allowing anything >= 2048 <= 4096?
>
> [1]:
>
https://censys.io/certificates?q=current_valid_nss%3A+true+and+parsed.subject_key_info.key_algorithm.name%3A+RSA+not+parsed.subject_key_info.rsa_public_key.length%3A+%282048+or+3092+or+4096%29&page=1
>
Why the 4096 limit?
https://rsa8192.badssl.com/ work well, and if somebody wish a
certificate with that size of key (or even bigger), why refusing it?
ECC certificates are allowed but cause a lot of PKI interop problems
too. That's not a reason for refusing it.
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
