Bug 975246 - The vault keysize is not limited to 1024.
The vault keysize is not limited to 1024.
Status: CLOSED DUPLICATE of bug 953861
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Misty Stanley-Jones
Russell Dickenson
Depends On:
Blocks: 953861
  Show dependency treegraph
Reported: 2013-06-17 17:45 EDT by Derek Horton
Modified: 2014-08-14 11:19 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Instance Name: Not Defined Build: CSProcessor Builder Version 1.8 Build Name: 13944, Security Guide-6.1-1 Build Date: 19-04-2013 15:46:54
Last Closed: 2013-07-24 21:07:55 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Derek Horton 2013-06-17 17:45:02 EDT
Title: Create a Java Keystore to Store Sensitive Strings

Describe the issue:
The vault keysize is not limited to 1024.

Suggestions for improvement:

Additional information:
Comment 1 Misty Stanley-Jones 2013-06-26 01:46:28 EDT
Is it limited at all?
Comment 3 Misty Stanley-Jones 2013-07-01 23:20:58 EDT
OK, I now know that 1024 is the default. I don't know if there is a limit.
Comment 6 Ondrej Lukas 2013-07-08 04:52:25 EDT
Verification on stage (http://documentation-devel.engineering.redhat.com/) failed. We test against documentation-devel and fix isn't there.
Comment 7 Misty Stanley-Jones 2013-07-09 02:59:33 EDT
This is very early in the development process and this change has not been scoped for a specific release yet. You won't be able to test it on the stage until it has been re-staged. However, you can test it on our continuous integration system and verify that the change itself is correct, so that we can make sure it goes into the next build.
Comment 8 Josef Cacek 2013-07-11 07:05:00 EDT
Even the value 2048 is not valid here. 

We should not talk about minimal, default or maximal values here. We can point user to his "keytool" documentation. The values can differ across algorithms, JDK vendors and Java versions.

We could also make some suggestion, e.g. reference the NIST recommendation - c.f. https://bugzilla.redhat.com/show_bug.cgi?id=953861
Comment 9 Misty Stanley-Jones 2013-07-24 21:07:55 EDT
I will action this. However, I'm marking it as a duplicate of bug 953861, because behind the scenes, this same topic is used in both.

*** This bug has been marked as a duplicate of bug 953861 ***

Note You need to log in before you can comment on or make changes to this bug.