Hi, On Wed, Feb 21, 2024 at 02:39:04PM +0000, Hans via Openvpn-users wrote: > Last week i got a reminder, that (at least in Germany by the BSI ) the > minimum key-length has been changed to 3072 bits. > And before someone is going to mention it: yes, I know that according to > NIST, 2K keys could be used until 2030 > > So, can Openvpn handle keys longer than 2K?
The actual asymmetric key handling (RSA certificates etc) is done by the
SSL library, there is no limitation imposed by OpenVPN. So 4k or even 8k
should be fine, it will just take much longer for the TLS negotiation, with
diminishing returns.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
