NIST: increase RSA key length to 2048 bit
Bug #1369487 reported by
Qin Zhao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Qin Zhao | ||
OpenStack Security Advisory |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
According to NIST 800-131A, RSA key lenght for digital signature must >= 2048 bit.
In crypto.py, we use 1024 bit as the default key length to generate cert file, and does not specify any larger number to override the default value when utilizing it.
def generate_
Need to increase the default key length to 2048 bit.
information type: | Private Security → Public Security |
information type: | Public Security → Public |
tags: | added: security |
Changed in ossa: | |
status: | Incomplete → Won't Fix |
Changed in nova: | |
milestone: | none → juno-rc1 |
importance: | Undecided → Medium |
Changed in nova: | |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | juno-rc1 → 2014.2 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/121497
Review: https:/