On Mon, 12 Apr 2021, Viktor Dukhovni via Exim-users wrote:

> From: Viktor Dukhovni via Exim-users <exim-users@exim.org>
> To: exim-users@exim.org
> Cc: Viktor Dukhovni <exim-us...@dukhovni.org>
> Date: Mon, 12 Apr 2021 17:01:27 -0400
> Subject: Re: [exim] 8192 length SSL keys
>
> On Mon, Apr 12, 2021 at 02:39:41PM -0600, The Doctor via Exim-users wrote:
>
> > Does Exim support 8192 bit SSL keys?
>
> Even 4096-bit RSA keys are noticeably slow/bulky, none of the
> public CAs are using anything stronger than 4096-bit RSA keys and
> most are using 2048. Why on earth would you want 8192 bits?
>
> If you actually want practical strong keys, use ECDSA P256,
> Ed25519 or Ed449.

The public CAs seem quite conservative in the algorithms they'll use
in issued certificates. The baseline specification document for
Certificate Authorities can be found in:

https://cabforum.org/baseline-requirements-documents/

and from the latest specification:

  6.1.5 Key sizes

  For RSA key pairs the CA SHALL:
    Ensure that the modulus size, when encoded, is at least 2048 bits, and;
    Ensure that the modulus size, in bits, is evenly divisible by 8.

  For ECDSA key pairs, the CA SHALL:
    Ensure that the key represents a valid point on the NIST P-256,
    NIST P-384 or NIST P-521 elliptic curve.

  No other algorithms or key sizes are permitted.

so it seems the Ed25519 and Ed448 algorithms are out for now.
-- 
Dennis Davis <dennisda...@fastmail.fm>
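
An added illustration, not part of the original message or of Exim: a stdlib-only Python check of a DER SubjectPublicKeyInfo against the section 6.1.5 text quoted above. All function names, the dummy RSA moduli and the all-zero Ed25519 key are constructed for the example; the ECDSA branch checks the curve OID only, not that the point is valid.

```python
RSA_OID = bytes.fromhex("2a864886f70d010101")   # rsaEncryption
EC_OID = bytes.fromhex("2a8648ce3d0201")        # id-ecPublicKey
CURVES = {bytes.fromhex("2a8648ce3d030107"): "P-256",
          bytes.fromhex("2b81040022"): "P-384", bytes.fromhex("2b81040023"): "P-521"}

def tlv(buf, pos=0):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                            # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def check_spki(der_bytes):
    """Return (permitted, description) under the quoted 6.1.5 text."""
    _, spki, _ = tlv(der_bytes)
    _, alg, key_pos = tlv(spki)
    _, oid, param_pos = tlv(alg)
    _, bits, _ = tlv(spki, key_pos)              # BIT STRING, byte 0 = unused bits
    if oid == RSA_OID:
        _, rsa_key, _ = tlv(bits[1:])
        _, n, _ = tlv(rsa_key)                   # first INTEGER is the modulus
        size = int.from_bytes(n, "big").bit_length()
        return size >= 2048 and size % 8 == 0, f"RSA {size}"
    if oid == EC_OID:
        _, curve, _ = tlv(alg, param_pos)        # named-curve OID
        name = CURVES.get(curve)
        return name is not None, f"ECDSA {name or 'other curve'}"
    return False, "algorithm not listed"

def der(tag, value):
    """Encode one DER element (used only to build the constructed samples)."""
    n, size = len(value), (len(value).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def sample_rsa_spki(bits):
    """Constructed SPKI with a dummy modulus of the given bit length (not a real key)."""
    integer = lambda x: der(0x02, x.to_bytes(x.bit_length() // 8 + 1, "big"))
    key = der(0x30, integer((1 << (bits - 1)) | 1) + integer(65537))
    alg = der(0x30, der(0x06, RSA_OID) + der(0x05, b""))
    return der(0x30, alg + der(0x03, b"\x00" + key))

# Constructed Ed25519 SPKI: OID 1.3.101.112 with 32 zero bytes as the key.
SAMPLE_ED25519 = bytes.fromhex("302a300506032b6570032100") + bytes(32)
```

Run against these samples, an 8192-bit RSA key passes the quoted rule (at least 2048 bits and divisible by 8), while the Ed25519 key is rejected as an unlisted algorithm.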