On Wed, 2014-06-04 at 09:05 -0400, Simo Sorce wrote:
> > According to
> >
http://www.keylength.com/en/compare/
> > the asymetric sizes do not match the symmetric size according to most
> > sources listed on
http://www.keylength.com/en/compare/.
>
> That's old version. New one
(
https://fedoraproject.org/wiki/Changes/CryptoPolicy)
> is:
> Legacy: 767+
> default: 1023+
shouldn't this be 2047+ ?
If we do that then the applications that use these settings will be
unable to talk to any servers that offer 1024 keys. Given the number of
these servers that would be a good reason for applications not switching
to this centrally managed configuration system. That is we'd have these
settings as in a museum and no-one will be using them.
regards,
Nikos