[tahoe-lafs-trac-stream] [Tahoe-LAFS] #1801: are 1024-bit foolscap keys long enough?

Tahoe-LAFS trac at tahoe-lafs.org
Tue Apr 21 23:51:29 UTC 2015 

#1801: are 1024-bit foolscap keys long enough?
------------------------------+-------------------------------
     Reporter:  davidsarah    |      Owner:  warner
         Type:  defect        |     Status:  closed
     Priority:  major         |  Milestone:  1.10.1
    Component:  code-network  |    Version:  1.9.2
   Resolution:  fixed         |   Keywords:  foolscap security
Launchpad Bug:                |
------------------------------+-------------------------------
Changes (by warner):

 * status:  new => closed
 * resolution:   => fixed
 * milestone:  undecided => 1.10.1


Old description:

> > elb: while I'm active here, let me mention something else that bothers
> me ... it appears that the ssl keys used to protect tahoe's foolscap
> transport are rather strictly limited to 1024-bit self-signed keys
>
> > elb: and that appears to be decided within foolscap
>
> > elb: it would be kind of nice to be able to use a) longer, and b)
> signed keys
>
> Note that this doesn't affect Tahoe's confidentiality and integrity
> guarantees for files; it affects things like confidentiality of write
> enablers, which is (only) a denial-of-service issue.

New description:

 > elb: while I'm active here, let me mention something else that bothers
 me ... it appears that the ssl keys used to protect tahoe's foolscap
 transport are rather strictly limited to 1024-bit self-signed keys

 > elb: and that appears to be decided within foolscap

 > elb: it would be kind of nice to be able to use a) longer, and b) signed
 keys

 Note that this doesn't affect Tahoe's confidentiality and integrity
 guarantees for files; it affects things like confidentiality of write
 enablers, which is (only) a denial-of-service issue.

--

Comment:

 http://foolscap.lothar.com/trac/ticket/141 was closed with the release of
 foolscap-0.8.0, which creates 2048-bit certificates, so I'm closing this
 one out.

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1801#comment:4>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list