Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

do we need to define key size? #39

Open
Sakurann opened this issue May 26, 2023 · 4 comments
Open

do we need to define key size? #39

Sakurann opened this issue May 26, 2023 · 4 comments
Labels
discuss ISO?
Milestone
1.0 Final

Comments

@Sakurann
Copy link
Contributor

just for the reference FAPI defines

  • shall require and use a key of size 2048 bits or larger for RSA algorithms;
  • shall require and use a key of size 160 bits or larger for elliptic curve algorithms;
@tlodderstedt
Copy link
Contributor

@danielfett @paulbastian What do you think?

@paulbastian
Copy link
Collaborator

I would define a very limited number of crypto suites that shall be used, obviously ES256 but not so much else

@Sakurann
Copy link
Contributor Author

related to #112

@Sakurann Sakurann added this to the 1.0 Final milestone Dec 13, 2024
@Sakurann Sakurann mentioned this issue Dec 13, 2024
Open
@nemqe
Copy link

nemqe commented Dec 19, 2024
edited
Loading

Does it make sense to reference NIST recommendations (or any other body) when it comes to key sizes, which hash algorithms with which key size and etc for a subset of what is chosen (RSA / ES256 / Ed25519?)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discuss ISO?
Projects
None yet
Milestone
1.0 Final
Development

No branches or pull requests
4 participants
@tlodderstedt @nemqe @paulbastian @Sakurann