[jboss-jira] [JBoss JIRA] (JGRP-2302) Default ASYM_ENCRYPT asym_keylength is considered breakable
Bela Ban (Jira)
issues at jboss.org
Tue Oct 16 10:34:00 EDT 2018
[ https://issues.jboss.org/browse/JGRP-2302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bela Ban updated JGRP-2302:
---------------------------
Fix Version/s: 4.0.16
> Default ASYM_ENCRYPT asym_keylength is considered breakable
> -----------------------------------------------------------
>
> Key: JGRP-2302
> URL: https://issues.jboss.org/browse/JGRP-2302
> Project: JGroups
> Issue Type: Bug
> Affects Versions: 4.0.15
> Reporter: Radoslav Husar
> Assignee: Radoslav Husar
> Priority: Major
> Fix For: 4.0.16
>
>
> JGroups default asym_keylength is 512, however RSA keys less than 1024 bits are considered breakable (e.g. https://www.oracle.com/technetwork/java/javase/8-compatibility-guide-2156366.html )
> We should baseline the default to a secure size universally supported in our supported JDKs. Also, since JDK8 the default is 2048.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list