Bug 975246 - The vault keysize is not limited to 1024.
Summary: The vault keysize is not limited to 1024.
Keywords:
Status: CLOSED DUPLICATE of bug 953861
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation
Version: 6.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Misty Stanley-Jones
QA Contact: Russell Dickenson
URL:
Whiteboard:
Depends On:
Blocks: 953861
TreeView+ depends on / blocked
 
Reported: 2013-06-17 21:45 UTC by Derek Horton
Modified: 2014-08-14 15:19 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Instance Name: Not Defined Build: CSProcessor Builder Version 1.8 Build Name: 13944, Security Guide-6.1-1 Build Date: 19-04-2013 15:46:54
Last Closed: 2013-07-25 01:07:55 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Derek Horton 2013-06-17 21:45:02 UTC
Title: Create a Java Keystore to Store Sensitive Strings

Describe the issue:
The vault keysize is not limited to 1024.


Suggestions for improvement:


Additional information:

Comment 1 Misty Stanley-Jones 2013-06-26 05:46:28 UTC
Is it limited at all?

Comment 3 Misty Stanley-Jones 2013-07-02 03:20:58 UTC
OK, I now know that 1024 is the default. I don't know if there is a limit.

Comment 6 Ondrej Lukas 2013-07-08 08:52:25 UTC
Verification on stage (http://documentation-devel.engineering.redhat.com/) failed. We test against documentation-devel and fix isn't there.

Comment 7 Misty Stanley-Jones 2013-07-09 06:59:33 UTC
This is very early in the development process and this change has not been scoped for a specific release yet. You won't be able to test it on the stage until it has been re-staged. However, you can test it on our continuous integration system and verify that the change itself is correct, so that we can make sure it goes into the next build.

Comment 8 Josef Cacek 2013-07-11 11:05:00 UTC
Even the value 2048 is not valid here. 

We should not talk about minimal, default or maximal values here. We can point user to his "keytool" documentation. The values can differ across algorithms, JDK vendors and Java versions.

We could also make some suggestion, e.g. reference the NIST recommendation - c.f. https://bugzilla.redhat.com/show_bug.cgi?id=953861

Comment 9 Misty Stanley-Jones 2013-07-25 01:07:55 UTC
I will action this. However, I'm marking it as a duplicate of bug 953861, because behind the scenes, this same topic is used in both.

*** This bug has been marked as a duplicate of bug 953861 ***


Note You need to log in before you can comment on or make changes to this bug.