https://bugzilla.suse.com/show_bug.cgi?id=1199184 https://bugzilla.suse.com/show_bug.cgi?id=1199184#c3 --- Comment #3 from Dirk Mueller <dmueller@suse.com> --- (In reply to Marcus Meissner from comment #2)
Is still considered secure, but other distros use longer keys and e.g. Dirk Mueller already argues on why openSUSE does not switch.
I'm not arguing, I was asking what needs to be done to implement a longer key for ALP. Based on factory first we should try to roll it out in openSUSE first and see the downsides before doing anything on SLE. From a brief look at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pd... it appears that RSA2048 is the acceptable minimum, and other distributions are chosing larger keys. I don't really care which cryptographic method we chose, so elliptic curve is totally fine by me as well. I don't know the implications of that very thorughly though, more expertise is needed. -- You are receiving this mail because: You are on the CC list for the bug.