[Ach] macosx and certificates > 4096bit
ianG
iang at iang.org
Thu Apr 17 12:22:36 CEST 2014
On 17/04/2014 08:50 am, Hanno Böck wrote:
> On Fri, 11 Apr 2014 14:04:01 +0200
> Adi Kriegisch <adi at kriegisch.at> wrote:
>
>> Just a note to anyone who runs into this issue which is still not
>> fixed with recent versions (10.9.2) of MacOSX: OSX cannot handle
>> certificates
>> >4096bit out of the box.
>
> Many Crypto-Implementations don't support that.
> NSS has some code to block such keys, too.
>
> The reason is Denial of Service. You don't want an attacker to be able
> to give you an insane math problem and disable your software.
Is that the reason? Or is that the reason they tell us?
There is some anecdotal evidence that there is pressure on American
suppliers to not support >4096. Nothing one can put a finger on, but
they seem to have reached a consensus based on nothing much.
iang
> Basically, you can expect that 2048 bit RSA is pretty safe (nothing
> even remotely in sight that may break it) and 4096 is thus a really
> good safety margin.
> The only thing you really have to fear with RSA 4096 are quantum
> computers or the unlikely case of a fast factoring algorithm. But if
> these happen, larger keys will probably not help a lot.
More information about the Ach
mailing list