On 29.09.22 at 12:19, Evgeniy Berdnikov via Exim-users wrote:

corps and gov entities, which states, that 2048 bit RSA keys, for any
purpose, *should* not be used anymore in 2022.
  
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile&v=10

  Comment to table 3.1:

  | For a period of use beyond 2022, it is recommended to use RSA/DLIES
  | keys of 3000 bits length to achieve a consistent level of security in
  | all recommended asymmetric encryption schemes. The key length of 2000
  | bits will remain compliant with this Technical Guideline for DLIES
  | keys until the end of 2022, and also transitionally for RSA keys until
  | the end of 2023.

  So, the BSI statement is significantly different from what you wrote.


"recommended" is a suggestion to do something, not an enforcement. So "should" is the correct form.

To shorten this up: 'You "should" use bigger keys, for a usage beyond 2022, but you don't need to.' (to stay compliant with the TR)

My POV here: "why wait?" Encryption doesn't slow down today's CPUs anymore as it did 15 years ago; same for a smartphone SoC.

best regards,
Marius

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
