[gnutls-devel] GnuTLS | certtool --sec-param high generates a smaller key than expected (#1320)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Feb 10 10:52:20 CET 2022




Nikos Mavrogiannopoulos commented:


Bits are algorithm-specific and one cannot expect users such as system administrators to know the necessary number of bits for an algorithm. I've heard 128-bit RSA too many times. The intention of the sec-param is to allow the administrator to set security levels (low,medium,high) that will resonate. My view is that people who prefer to use the bits should continue doing so but they should be aware there is a more user-friendly equivalent. If the output message is not good enough let's improve just that.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1320#note_838327774
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220210/55879073/attachment.html>


More information about the Gnutls-devel mailing list