[jboss-jira] [JBoss JIRA] (WFLY-11169) Default ASYM_ENCRYPT asym_keylength is considered breakable
Radoslav Husar (Jira)
issues at jboss.org
Fri Oct 12 14:17:00 EDT 2018
[ https://issues.jboss.org/browse/WFLY-11169?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Radoslav Husar updated WFLY-11169:
----------------------------------
Description:
JGroups default asym_keylength is 512, however RSA keys less than 1024 bits are considered breakable (e.g. https://www.oracle.com/technetwork/java/javase/8-compatibility-guide-2156366.html )
We should baseline the default to a secure size universally supported in our supported JDKs. Also, since JDK8 the default is 2048.
was:
JGroups default asym_keylength is 512, however RSA keys less than 1024 bits are considered breakable (e.g. https://www.oracle.com/technetwork/java/javase/8-compatibility-guide-2156366.html )
We should baseline the default to a secure size universally supported in our supported JDKs. Since JDK8 the default is 2048.
> Default ASYM_ENCRYPT asym_keylength is considered breakable
> -----------------------------------------------------------
>
> Key: WFLY-11169
> URL: https://issues.jboss.org/browse/WFLY-11169
> Project: WildFly
> Issue Type: Bug
> Components: Clustering
> Affects Versions: 14.0.0.Final
> Reporter: Radoslav Husar
> Assignee: Radoslav Husar
> Priority: Major
> Fix For: 15.0.0.Alpha1
>
>
> JGroups default asym_keylength is 512, however RSA keys less than 1024 bits are considered breakable (e.g. https://www.oracle.com/technetwork/java/javase/8-compatibility-guide-2156366.html )
> We should baseline the default to a secure size universally supported in our supported JDKs. Also, since JDK8 the default is 2048.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list