440074 – Root CA default keysize should be increased from 2048 to 4096

Bug 440074 - Root CA default keysize should be increased from 2048 to 4096

Summary: Root CA default keysize should be increased from 2048 to 4096

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Dogtag Certificate System
Classification:	Retired
Component:	CA
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	1.0
Assignee:	Christina Fu
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	443788
TreeView+	depends on / blocked

Reported:	2008-04-01 16:39 UTC by Bob Lord
Modified:	2015-01-04 23:31 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-08-28 19:33:26 UTC
Embargoed:

Attachments	(Terms of Use)

Description Bob Lord 2008-04-01 16:39:12 UTC

Description of problem:
Default keysize for Root CAs is 2048, but should be 4096. Roots may be very long
lived and should offer the highest strength that is known to be supported by
browsers and other toolkits.

Version-Release number of selected component (if applicable):
1.0.0

How reproducible:
Always

Steps to Reproduce:
1. Install the CA
2. Configure the initial root

You'll see that 2048 is the default.

Comment 1 Bob Lord 2008-04-03 21:18:59 UTC

Actually, let's set the default for all CAs to be 4096.

Note You need to log in before you can comment on or make changes to this bug.