** Description changed: - 1024-bit RSA เลิกใช้แล้วเมื่อหลายปีก่อนโดย NIST [1], Microsoft [2] - และอื่น ๆ เมื่อไม่นานมานี้ [3] + 1024-bit RSA was deprecated years ago by NIST[1], Microsoft[2] and more + recently by others[3]. - คีย์การลงชื่อ 1024 - บิตไม่เพียงพอที่จะรับประกันความถูกต้องของซอฟต์แวร์ที่แจกจ่ายจาก - Launchpad.net รวมถึง PPA - ควรมีกลไกในการปฏิเสธการเซ็นชื่อคีย์ด้านล่างความยาวคีย์ต่ำสุดตามชนิดของคีย์ - คีย์การเซ็นชื่อ 1024 บิตควรเลิกใช้แล้วนำออกจาก Launchpad.net - โดยเร็วที่สุด โครงการในอนาคตและ PPAs ควรถูกห้ามไม่ให้ใช้คีย์การลงชื่อ - 1024 บิต + 1024-bit signing keys are insufficient to guarantee the authenticity of + software distributed from Launchpad.net including PPAs. There should be + a mechanism to refuse signing keys below a minimum key length based on + key type. 1024-bit signing keys should be deprecated and removed from + Launchpad.net itself ASAP. Future projects and PPAs should be + disallowed from using 1024-bit signing keys. 1. http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf 2. http://blogs.technet.com/b/pki/archive/2012/06/12/rsa-keys-under-1024-bits-are-blocked.aspx 3. https://threatpost.com/mozilla-1024-bit-cert-deprecation-leaves-107000-sites-untrusted/108114
** Changed in: launchpad Assignee: wachirapranee tesprasit (tatar28) => (unassigned) ** Changed in: apt (Ubuntu) Assignee: wachirapranee tesprasit (tatar28) => (unassigned) ** Changed in: gnupg2 (Ubuntu) Assignee: wachirapranee tesprasit (tatar28) => (unassigned) ** Changed in: launchpad Status: Fix Released => New ** Changed in: apt (Ubuntu) Status: Fix Released => Invalid ** Changed in: gnupg2 (Ubuntu) Status: Fix Released => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1461834 Title: 1024-bit signing keys should be deprecated Status in Launchpad itself: New Status in apt package in Ubuntu: Invalid Status in gnupg2 package in Ubuntu: Confirmed Bug description: 1024-bit RSA was deprecated years ago by NIST[1], Microsoft[2] and more recently by others[3]. 1024-bit signing keys are insufficient to guarantee the authenticity of software distributed from Launchpad.net including PPAs. There should be a mechanism to refuse signing keys below a minimum key length based on key type. 1024-bit signing keys should be deprecated and removed from Launchpad.net itself ASAP. Future projects and PPAs should be disallowed from using 1024-bit signing keys. 1. http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf 2. http://blogs.technet.com/b/pki/archive/2012/06/12/rsa-keys-under-1024-bits-are-blocked.aspx 3. https://threatpost.com/mozilla-1024-bit-cert-deprecation-leaves-107000-sites-untrusted/108114 To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad/+bug/1461834/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp