yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1369487] Re: NIST: increase RSA key length to 2048 bit

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Fri, 19 Sep 2014 13:53:13 -0000
Reply-to: Bug 1369487 <1369487@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Information type changed from Public Security to Public

** Tags added: security

** Changed in: ossa
       Status: Incomplete => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1369487

Title:
  NIST: increase RSA key length to 2048 bit

Status in OpenStack Compute (Nova):
  In Progress
Status in OpenStack Security Advisories:
  Won't Fix

Bug description:
  According to NIST 800-131A, RSA key lenght for digital signature must
  >= 2048 bit.

  In crypto.py, we use 1024 bit as the default key length to generate
  cert file, and does not specify any larger number to override the
  default value when utilizing it.

  def generate_x509_cert(user_id, project_id, bits=1024):

  Need to increase the default key length to 2048 bit.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1369487/+subscriptions