Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-17650

Amster generates RSA keys smaller than recommended

    XMLWordPrintable

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 6.5.3, 7.1.0, 7.0.1
    • 2021.6, 7.2.0
    • Amster
    • Rank:
      1|i0461q:

    Description

      Amster currently generates 2048-bit RSA keys (in AuthorizedKeyConfiguratorPlugin). Many key length recommendations say to use 3072-bit RSA keys as a minimum, and some customer scans will flag generation of 2048-bit keys as too small. We should bump the key size generated by Amster to ensure it continues to comply with security guidance (or make it configurable).

      Note: not marked as a security issue as at current technology, factoring a 2048-bit RSA key would represent an enormous scientific (or economic) breakthrough.

      Attachments

        Activity

          People

            neil.madden Neil Madden
            neil.madden Neil Madden
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: