RSA/DSA

To: <debian-security@lists.debian.org>
Subject: RSA/DSA
From: Wim Bertels <wim.bertels@khleuven.be>
Date: Fri, 25 Nov 2011 11:16:52 +0100
Message-id: <[🔎] 1322216212.2555.162.camel@zwerfkat>

Hi,

About Lenny and Squeeze: DSA
Application: ssh (openssh-server)

in general a RSA and DSA keypair are being used for ssh,
now regarding RSA one can freely choose the length of the key,
but for DSA this is fixed to 1024 bits,
this is on the lower part of the recommendations of FIPS 186-3,
which specifies (1024,160), (2048,224), (2048,256), and (3072,256).

So why isn't it possible to choose one the longer keylengths for DSA?

Or, (i'm not expert), but it seems logical not to use the DSA keypairs
(just deleting them), and only use the RSA keypairs (or am i missing
something)?

mvg,
Wim

Reply to:

Follow-Ups:
- Re: RSA/DSA
  - From: Florian Weimer <fweimer@bfk.de>

Prev by Date: Serwis - 6621: [ONTP SP] [SECURITY] [DSA 2353-1] ldns security update
Next by Date: Re: RSA/DSA
Previous by thread: Serwis - 6621: [ONTP SP] [SECURITY] [DSA 2353-1] ldns security update
Next by thread: Re: RSA/DSA
Index(es):
- Date
- Thread