> May I suggest 4096 bit with SHA-256.
I think the next step after 2K-RSA is ECC, and that 4K RSA isn't going to see
much deployment because of the computational cost. At least, that's how we see
things at my employer.
> And Chrome+Firefox still happily uses MD5 to sign SPKAC after offering you
> to create Low (512), Medium (1024) or High (2048) grade encryption keys
> (patch available for ages BTW) ...
If you can point me to patches, email, or whatever I can try to make sure those
links get seen by folks in charge.
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM: [email protected] Twitter: RichSalz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
