Dne 15.5.2015 v 13:33 Martin Basti napsal(a):
On 15/05/15 13:12, Petr Spacek wrote:
On 14.5.2015 17:23, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/4657
Looking at 3072 bit key size, I think we can prolong KSK key rotation
period
to 2 years.
It should be okay according to http
On 15/05/15 13:12, Petr Spacek wrote:
On 14.5.2015 17:23, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/4657
Looking at 3072 bit key size, I think we can prolong KSK key rotation period
to 2 years.
It should be okay according to http://dx.doi.org/10.6028/NIST.SP.800-81-2
section
On 14.5.2015 17:23, Martin Basti wrote:
> https://fedorahosted.org/freeipa/ticket/4657
Looking at 3072 bit key size, I think we can prolong KSK key rotation period
to 2 years.
It should be okay according to http://dx.doi.org/10.6028/NIST.SP.800-81-2
section 11.2.
Modified patch is attached.
Tha