Aren’t longer keys more effective than changing them often? Especially as a Chinese team of researchers stated that they have broken a RSA-2048 private key?
From: "George N. White III" <gnw...@gmail.com<mailto:gnw...@gmail.com>> Date: Wednesday, 28 May 2025 at 1:21:59 pm To: "Community support for Fedora users" <users@lists.fedoraproject.org<mailto:users@lists.fedoraproject.org>> Subject: Re: How to setup certs for https access for Fedora 42? On Mon, May 26, 2025 at 9:25 AM Tim via users <users@lists.fedoraproject.org<mailto:users@lists.fedoraproject.org>> wrote: Samuel Sieb: > > If you want a recognized certificate, you either have to buy one or you > > can use certbot to get a free one from https://letsencrypt.org/. You > > need to remember to renew it regularly. I think they're valid for 3 > > months at a time. That's what I use. Patrick O'Callaghan: > IIRC it's now down to 14 days, but certbot takes care of it > automatically. Why so short? One of the concerns is bad actors storing encrypted data until new methods (quantum?) allow them to decrypt the data. Changing keys more often multiplies the effort needed to get all the data, which is a good thing. -- George N. White III Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
-- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
