Bug 975246

Summary: The vault keysize is not limited to 1024.
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Derek Horton <dehort>
Component: DocumentationAssignee: Misty Stanley-Jones <misty>
Status: CLOSED DUPLICATE QA Contact: Russell Dickenson <rdickens>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.1.0CC: dehort, jcacek, lcarlon, olukas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Instance Name: Not Defined Build: CSProcessor Builder Version 1.8 Build Name: 13944, Security Guide-6.1-1 Build Date: 19-04-2013 15:46:54
Last Closed: 2013-07-25 01:07:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 953861    

Description Derek Horton 2013-06-17 21:45:02 UTC 
Title: Create a Java Keystore to Store Sensitive Strings

Describe the issue:
The vault keysize is not limited to 1024.


Suggestions for improvement:


Additional information:
Comment 1 Misty Stanley-Jones 2013-06-26 05:46:28 UTC 
Is it limited at all?
Comment 3 Misty Stanley-Jones 2013-07-02 03:20:58 UTC 
OK, I now know that 1024 is the default. I don't know if there is a limit.
Comment 6 Ondrej Lukas 2013-07-08 08:52:25 UTC 
Verification on stage (http://documentation-devel.engineering.redhat.com/) failed. We test against documentation-devel and fix isn't there.
Comment 7 Misty Stanley-Jones 2013-07-09 06:59:33 UTC 
This is very early in the development process and this change has not been scoped for a specific release yet. You won't be able to test it on the stage until it has been re-staged. However, you can test it on our continuous integration system and verify that the change itself is correct, so that we can make sure it goes into the next build.
Comment 8 Josef Cacek 2013-07-11 11:05:00 UTC 
Even the value 2048 is not valid here. 

We should not talk about minimal, default or maximal values here. We can point user to his "keytool" documentation. The values can differ across algorithms, JDK vendors and Java versions.

We could also make some suggestion, e.g. reference the NIST recommendation - c.f. https://bugzilla.redhat.com/show_bug.cgi?id=953861
Comment 9 Misty Stanley-Jones 2013-07-25 01:07:55 UTC 
I will action this. However, I'm marking it as a duplicate of bug 953861, because behind the scenes, this same topic is used in both.

*** This bug has been marked as a duplicate of bug 953861 ***