On Fri, May 25, 2012 at 09:25:29PM +0000, Christian Weisgerber wrote: > Jason McIntyre <[email protected]> wrote: > > > > While making a self-signed key for use with Apache I noticed that the > > > FAQ recommends deprecated crypto (RSA-1024 and SHA1). I chose instead > > > RSA-4096 and sha256. A couple patches for the website and manual page > > > are below. > > > > changes committed, thanks. > > RSA-4096 is really excessive. RSA-2048 is the general recommendation > and what we use by default for SSH and IKE host keys. >
i wish you'd commented earlier then ;( would you like it shifted to 2048? jmc
