István Fajth created HDDS-7400:
----------------------------------
Summary: Extend configurability of the internal PKI system
Key: HDDS-7400
URL: https://issues.apache.org/jira/browse/HDDS-7400
Project: Apache Ozone
Issue Type: Sub-task
Reporter: István Fajth
Assignee: István Fajth
In order to conform with an organisation's internal security regulations, we
need to ensure that the relevant parts of our PKI system is configurable.
The key items to make sure are configurable for the first sight (default values
are in parenthesis):
- key length for certificates (2048 bit)
- key length for CA certificates (2048 bit)
- key algo (SHA256withRSA)
- certificate lifetime (365 days)
- CA certificate lifetime (1865 days)
- revocation window (proposed: 4 hours)
The list is certainly not full, and should/can be extended as new things are
identified.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
