This is a copy from https://bugzilla.redhat.com/show_bug.cgi?id=1062777
openssl currently employs SHA256 for signing certificates by default. For larger key sizes, it would be better to choose a stronger hash algorithm instead, as long as the user doesn't request some specific algorithm. See "Recommendation for Key Management," NIST Special Publication 800-57 Part 1 Rev. 3, 07/2012:

By default, unless the user requests otherwise,

use SHA-256 for RSA bits <= 3072
use SHA-384 for 3072 < RSA bits <= 7680
use SHA-512 for 7680 < RSA bits

--
Peter Backes, r...@helen.plasma.xg8.de
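
The selection rule proposed above, applied from the command line as an added example (not part of the original message and not OpenSSL's own code). The helper names pick_digest, rsa_key_bits and sign_selfsigned and the subject /CN=example.test are assumptions made for illustration; the key size is read from the "Private-Key: (N bit" line that openssl rsa -text prints for an unencrypted PEM RSA key.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not OpenSSL's own code.

# Map an RSA modulus size (bits) to the digest proposed in the message.
pick_digest() {
    case "$1" in
        ''|*[!0-9]*) echo "pick_digest: not a bit count: $1" >&2; return 1 ;;
    esac
    if [ "$1" -le 3072 ]; then echo sha256
    elif [ "$1" -le 7680 ]; then echo sha384
    else echo sha512
    fi
}

# Print the modulus size of a PEM RSA private key; prints nothing on failure.
rsa_key_bits() {
    openssl rsa -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Private-Key: (\([0-9][0-9]*\) bit.*/\1/p' | head -n 1
}

# sign_selfsigned KEY OUT [DIGEST]
# An explicit DIGEST (the "user requests otherwise" case) always wins;
# otherwise the digest follows the key size.
sign_selfsigned() {
    key=$1 out=$2 digest=${3:-}
    if [ -z "$digest" ]; then
        bits=$(rsa_key_bits "$key")
        digest=$(pick_digest "$bits") || return 1   # fails if size unreadable
    fi
    openssl req -new -x509 -key "$key" -"$digest" \
        -subj "/CN=example.test" -days 30 -out "$out" || return 1
    # Show which signature algorithm ended up in the certificate.
    openssl x509 -in "$out" -noout -text |
        sed -n '/Signature Algorithm/{p;q;}'
}
```

After sourcing the file, sign_selfsigned key.pem cert.pem signs with the size-derived digest, and sign_selfsigned key.pem cert.pem sha256 forces a specific one.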