Opened at 2012-09-04T23:47:17Z
Last modified at 2015-04-21T23:51:27Z
#1801 closed defect
are 1024-bit foolscap keys long enough? — at Initial Version
| Reported by: | davidsarah | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | 1.10.1 |
| Component: | code-network | Version: | 1.9.2 |
| Keywords: | foolscap security | Cc: | elb |
| Launchpad Bug: |
Description
elb: while I'm active here, let me mention something else that bothers me ... it appears that the ssl keys used to protect tahoe's foolscap transport are rather strictly limited to 1024-bit self-signed keys
elb: and that appears to be decided within foolscap
elb: it would be kind of nice to be able to use a) longer, and b) signed keys
Note that this doesn't affect Tahoe's confidentiality and integrity guarantees for files; it affects things like confidentiality of write enablers, which is (only) a denial-of-service issue.
Note: See
TracTickets for help on using
tickets.
