> EC Keys: >= 224 bits
> RSA keys: >= 2048 bits
> DH params: >= 2048 bits
> EdDSA: Ed25519 & Ed448 are good
>
> & depths below, e.g. 1024b RSA or DH, are rejected

Hmm - when using elliptic curve algos like X25519 / X448 I don't think DH params are needed/used any longer - are they?

And if they were being used (with RSA or whatever), aren't finite field groups like ffdhe4096 (a la RFC 7919 [1]) the preferred choice?

If it were me, I would completely eliminate any RSA certs anyway - there's no longer any need to use them at all.

[1] [https://datatracker.ietf.org/doc/html/rfc7919](https://datatracker.ietf.org/doc/html/rfc7919)

--
Gene
_______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
