Nick Tait wrote in <cbd27e43-11a9-105e-8247-50ccaa5dd...@tait.net.nz>: |On 2/10/2022 10:51 pm, Matus UHLAR - fantomas wrote: |> yes, Let's Encrypt clients generate 4096 keys by default, which is |> silly because intermediate R3 certificate is only 2048-bit. |> |> I configure let's encrypt clients to create 2048 keys. | |AFAICT Certbot still uses 2048-bit keys by default.
dehydrated uses 4096 by default (since 2016). OpenBSD used a 4096 bits one on top of Let's Encrypt, at least once this came up last... on June 15th this year. So please a little bit of respect for such decisions. (I do too, but do not ask me no questions.) --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)
