On 10/10/2018 10:42 AM, Weijun Wang wrote:
On Oct 10, 2018, at 7:59 PM, Sean Mullan <sean.mul...@oracle.com> wrote:
There is really no other reason other than DSA keys have been the default
keypairs generated by keytool for a long time, so there are some compatibility
issues we would have to think through before changing it to another algorithm
such as RSA. Weijun might have more insight into that.
Not really. It was the default before I join Sun Microsystems many many years
ago. Maybe it was a NIST standard?
us government FIPS. It still is. But mostly US gov't is doing EC these
days... at least until all the quantum fear and doubt started creeping in.
As for compatibility, as long as someone is still using DSA then they might not
be specifying the -keyalg option.
If not DSA, should RSA be the new default? Or maybe RSASSA-PSS (I wonder if
RSASSA-PSS signature can always use legacy RSA keys) or EC? We don't have an
option to specify ECCurve in keytool yet (a string -keysize).
I'm away from the source code - but isn't it possible to configure the
default in java.security? Maybe what you is add a warning of the new
default unless disabled in java.security or explicitly set there?
Mike
--Max