On Sun, 2014-03-30 at 14:43 +0200, Pavel Kankovsky wrote: > On Sat, 21 Dec 2013, Till Maas wrote: > > > ENISA recommends to at least RSA 3072 keys: [...] > > If e.g. AES-256 is used. RSA 15360 is recommended for long-term usage. > > > > Therefore I would like to propose a packaging guideline about which > > minimum key size software in Fedora should generate by default. It seems > > to me that requiring RSA 3072 key by default in Fedora is a good initial > > compromise. [...] > > I know I am very late but let me add a comment: according to ENISA, > "near-term" means "at least 10 years" and "long-term" means "30 to 50 > years". (*) > > I do not think a particular SSH, TLS or similar key--at least unless it is > stored in a HSM (**)--should be used for 10 or more years, therefore it is > somewhat questionable how and to what extent ENISA recommendations are > relevant. I don't understand what do you mean using SSH and TLS for 10 or more years, but we have an expectation of secrecy of data for 10 or more years. When you do a TLS or SSH session you don't expect that your transferred data will be leaked within a few months or a year later. regards, Nikos -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security