2017-05-29 16:03 GMT+02:00 Lauri Kenttä <lauri.ken...@gmail.com>:

> On 2017-05-29 13:58, Niklas Keller wrote:
>
>> I have updated the RFC to use a "min_signature_bits" setting instead.
>>
>
> At least that name is misleading. Most PHP users would probably wonder why
> a setting of 128 does not allow the 160-bit hash from SHA-1 or the 512-bit
> RSA. So the name should be more like "min_cryptographic_strength" (possibly
> prefixed with "signature_") to make it clear that this is not really about
> the bits in the signature.
>
> I'm not totally convinced about this bit approach in general. What happens
> if SHA-2 is suddenly broken and people move to SHA-3 of the same length?
>

I'm open to better suggestions.

Regards, Niklas
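
The distinction raised in the thread, as an added example that is not part of either message or of the RFC: a threshold of 128 compared against estimated strength rather than digest or key length, with a per-algorithm override for the "SHA-2 is suddenly broken" case. The function names, the strength tables (birthday bound for hashes, NIST SP 800-57 Part 1 comparable strengths for RSA) and the `$broken` list are assumptions made for illustration.

```php
<?php
// Added illustration; not code from the RFC or from PHP itself.
// Generic collision resistance of an n-bit digest is n/2 bits (birthday bound).
const DIGEST_BITS = ['sha1' => 160, 'sha256' => 256, 'sha512' => 512, 'sha3-256' => 256];
// Comparable strengths for RSA modulus sizes, per NIST SP 800-57 Part 1.
const RSA_STRENGTH = [1024 => 80, 2048 => 112, 3072 => 128, 7680 => 192, 15360 => 256];

function hashStrength(string $hash, array $broken): int
{
    if (in_array($hash, $broken, true) || !array_key_exists($hash, DIGEST_BITS)) {
        return 0; // broken or unknown: no credit, whatever the digest length
    }
    return intdiv(DIGEST_BITS[$hash], 2);
}

function rsaStrength(int $modulusBits): int
{
    $strength = 0; // below 1024 bits: unrated in the table, treated as failing
    foreach (RSA_STRENGTH as $bits => $rated) {
        if ($modulusBits >= $bits) {
            $strength = $rated;
        }
    }
    return $strength;
}

// A signature is only as strong as the weaker of its hash and its key.
function signatureStrength(string $hash, int $rsaBits, array $broken = []): int
{
    return min(hashStrength($hash, $broken), rsaStrength($rsaBits));
}

function report(int $min, array $cases, array $broken = []): void
{
    foreach ($cases as [$hash, $rsaBits]) {
        $s = signatureStrength($hash, $rsaBits, $broken);
        printf("%-8s RSA-%-5d %3d bits %s\n", $hash, $rsaBits, $s, $s >= $min ? 'accept' : 'reject');
    }
}

// Constructed sample inputs: [hash name, RSA modulus bits].
$cases = [['sha1', 512], ['sha1', 3072], ['sha256', 2048], ['sha256', 3072], ['sha3-256', 3072]];
report(128, $cases);                        // threshold value taken from the thread
report(128, $cases, ['sha256', 'sha512']);  // hypothetical: SHA-2 declared broken
```

In the second run the SHA-256 cases drop to zero while SHA3-256 with the same digest length is still accepted, which a threshold expressed purely in bits cannot express without such an override.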
