Package: ssl-cert
Version: 1.0.39
Severity: wishlist

The current default key length for the snakeoil cert is 2048 bits. However, these certs could now live for ten years (3650 days), which as I type this could be up to 2028.

Various technical bodies have recently concluded that for long-lived secrets, a factoring modulus (i.e., RSA key size) of 3072 bits is recommended:
https://www.keylength.com/en/4/
https://www.keylength.com/en/compare/

2048b should be good until the year 2030, but we're approaching that now:
https://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths

While most commercial certificate authorities (CAs) give out 2048 bit certificates, those are only valid for 1-2 years (90 days in the case of Let's Encrypt), so the risk is much less in the short term.

Can "-newkey rsa:3072" be added to the ssl-cert script for better future proofing?

-- System Information:
Debian Release: 9.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-7-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ssl-cert depends on:
ii  adduser                3.115
ii  debconf [debconf-2.0]  1.5.61
ii  openssl                1.1.0f-3+deb9u2

ssl-cert recommends no packages.

Versions of packages ssl-cert suggests:
pn  openssl-blacklist  <none>

-- debconf information excluded
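As an added example (not code from the ssl-cert package or from this report), the shell snippet below generates a self-signed certificate with the requested 3072-bit RSA key and ten-year lifetime, and includes a check an administrator can run against an existing certificate (such as the current snakeoil cert) to confirm its modulus size. It assumes the openssl command-line tool is installed; the file paths and the CN are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not part of ssl-cert or the bug report.
# Assumes the openssl CLI is installed. Paths and CN below are constructed
# for this demo; the real snakeoil cert lives under /etc/ssl on Debian.
set -eu

# Generate a self-signed cert the way the report asks for: an RSA key of
# the given size, ten-year validity, unencrypted private key (-nodes).
make_cert() {
    key="$1"; cert="$2"; bits="$3"
    openssl req -x509 -nodes -days 3650 \
        -newkey "rsa:$bits" \
        -subj "/CN=example-host" \
        -keyout "$key" -out "$cert" 2>/dev/null
}

# Print the RSA modulus size (in bits) of the public key in a certificate.
# Matches both "Public-Key: (N bit)" and "RSA Public-Key: (N bit)" output.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text 2>/dev/null \
        | sed -n 's/^.*Public-Key: (\([0-9]*\) bit).*$/\1/p'
}

# Return 0 if the certificate's modulus is at least $2 bits, 1 otherwise.
check_min_bits() {
    bits="$(cert_key_bits "$1")"
    [ -n "$bits" ] && [ "$bits" -ge "$2" ]
}

# Demonstration: build a 3072-bit cert, then audit it.
if [ "${1:-}" = "demo" ]; then
    d="$(mktemp -d)"
    make_cert "$d/key.pem" "$d/cert.pem" 3072
    echo "modulus: $(cert_key_bits "$d/cert.pem") bits"
    if check_min_bits "$d/cert.pem" 3072; then
        echo "OK: meets the 3072-bit minimum"
    else
        echo "WARN: below the 3072-bit minimum"
    fi
    rm -rf "$d"
fi
```

Run it as `sh script.sh demo`; to audit an installed certificate instead, source the file and call `check_min_bits /path/to/cert.pem 3072`.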