On Monday, May 18, 2015 09:14:12 PM you wrote: > While having a 4096-bit certificate is not necessary in order to be > secure, its only disadvantages are taking longer to generate (which I > don't think is much of an issue because it doesn't get regenerated very > often) and taking slightly longer for the handshake (which is > practically negligible on modern computers). > > Yes, saving the md5 of the accepted certs is a bad idea. I will fix > that.
People run quassel cores on very minimal systems and so I don't think you can say it's necessarily negligible. If the work someone is doing is so sensitive that a 2048 bit key is not sufficient, then it probably shouldn't be on IRC. 2048 bit keys are sufficient that there's usually easier ways to get the information [1]. Let's not go overboard. [1] https://xkcd.com/538/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1455990 Title: quassel-core generates an insecure certificate upon installation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/1455990/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs