Source: iceweasel Severity: critical Tags: security upstream When using client certificate authentication with client certificates with keys of 4097 bit RSA or larger you always get a diagnostic from the SSL layer saying that no memory was available which is funny because usinga key of the same size for the SSL server works just fine. Also using a 4095 bit RSA client certificate works just fine as well.
This breaks security in system where such keys are used and thus should be considered serious misbehaviour as cryptographic systems MUST NOT include an arbitrary limits on the key size of used cryptographic parameters. Please either remove this restriction completely or raise this to a much more sane value that is not limitting casually-paranoid configurations which use keys like 8192 Bit RSA for client authentication. A suggested increase could be 65536 Bit RSA, but better remove this limitation completely as it causes no real benefit. Furthermore RSA 8192 and up to RSA 16384 has to be considered as it corresponds roughly to 192-256 bit symmetric key sizes and thus properly configured systems enforcing 256 bit symmetric cryptography will also enforce asymmetric keys larger than 4096 bit for RSA or similarly for DSA and ECDSA. Kind regards, Benny Baumann -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (750, 'experimental'), (700, 'unstable'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.13-1-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
