Hi Yoichiro, As mentioned in your mail that "... this length is short and dangerous. I think that we should use 2048 bit." Could you share with us the source as well?
Thanks, Jacky On Wed, Mar 17, 2010 at 4:56 PM, Yoichiro Tanaka <[email protected]>wrote: > Hi there, > > I'm in charge of mixi platform supported OpenSocial in Japan. Our > platform has already been elapsed one year. Therefore, a signed > request has been supporting at this platform, and the key for signing > will be expired next month. > > When I generated the key, the modulus length of the key was 1024 bit. > But, I heard recently that this length is short and dangerous. I think > that we should use 2048 bit. However, if we use this length and sign > each requests, I'm afraid that some libraries for OAuth can't use the > key and can't validate the request... > > The bit length doesn't depend on the process of OAuth libs, right? > And, if you are in any containers, how much long is the key length you > are using? > > Thanks, > -Yoichiro (mixi, Inc.) > -- Best Regards, Jacky Wang (Office) +86-10-6250-3316 (Mobile) +86-1381-0018-677 Kejian Building, Tsinghua Science Park Building 6 No.1 Zhongguancun East Road, Haidian District Beijing P.R.China 100084
