This bug was fixed in the package quassel - 0.12.2-0ubuntu1
---
quassel (0.12.2-0ubuntu1) wily; urgency=medium
* Generate a 2048-bit cert. (LP: #1455990)
-- Michael Marley mich...@michaelmarley.com Sun, 17 May 2015
18:58:08 -0400
** Changed in: quassel (Ubuntu)
Status:
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1455990
Title:
quassel-core generates an insecure certificate upon installation
To manage
As it's self signed certificate the signature hash algorithm doesn't matter
much.
4096 bit seems a bit excessive, no?
Slightly offtopic:
Quassel stores the md5sum of certs the user has accepted. That's probably a bad
idea.
--
You received this bug notification because you are a member of
On Monday, May 18, 2015 09:14:12 PM you wrote:
While having a 4096-bit certificate is not necessary in order to be
secure, its only disadvantages are taking longer to generate (which I
don't think is much of an issue because it doesn't get regenerated very
often) and taking slightly longer for
While having a 4096-bit certificate is not necessary in order to be
secure, its only disadvantages are taking longer to generate (which I
don't think is much of an issue because it doesn't get regenerated very
often) and taking slightly longer for the handshake (which is
practically negligible on
OK, here is a patch for 2048-bit certificates. I also discovered that
OpenSSL generates the SHA256 hash automatically now, so there is no need
to specify that explicitly.
** Patch added: certificate.debdiff
The attachment certificate.debdiff seems to be a debdiff. The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff. If the attachment isn't a
patch, please remove the patch flag from the attachment, remove the
patch tag, and if you