The current [0] crypto-policies in Rawhide contain additional policy
named as NEXT. You can switch the system to it as root via command:
update-crypto-policies --set NEXT
The difference to the current DEFAULT policy is that TLS versions 1.0
and 1.1 are disabled and the minimum key length of RSA keys and minimum
length of DH parameters are 2048 bits.
There is also a FUTURE policy which in addition to this limits also the
symmetric crypto key length to minimum of 256 bits. However as this
policy is not really useful as it does not provide post-quantum safety
for asymmetric algorithms it might be eventually dropped (aliased to
the NEXT policy).
[0] crypto-policies-20180802-1.git1626592.fc29
--
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/HCTK64OKDIOFCO542XPE45GREH22IGML/
