Re: [exim] 8192 length SSL keys

On Mon, 12 Apr 2021, Viktor Dukhovni via Exim-users wrote:

> From: Viktor Dukhovni via Exim-users <exim-users@???>
> To: exim-users@???
> Cc: Viktor Dukhovni <exim-users@???>
> Date: Mon, 12 Apr 2021 17:01:27 -0400
> Subject: Re: [exim] 8192 length SSL keys
>
> On Mon, Apr 12, 2021 at 02:39:41PM -0600, The Doctor via Exim-users wrote:
>
> > Does Exim support 8192 bit SSL keys?
>
> Even 4096-bit RSA keys are noticeably slow/bulky, none of the
> public CAs are using anything stronger than 4096-bit RSA keys and
> most are using 2048. Why on earth would you want 8192 bits?
>
> If you actually want practical strong keys, use ECDSA P256,
> Ed25519 or Ed449.

The public CAs seem quite conservative in the algorithms they'll use
in issued certificates. The baseline specification document for
Certificate Authorities can be found in:

https://cabforum.org/baseline-requirements-documents/

and from the latest specification:


6.1.5 Key sizes

For RSA key pairs the CA SHALL:

     Ensure that the modulus size, when encoded, is at least 2048 bits, and;
     Ensure that the modulus size, in bits, is evenly divisible by 8.

For ECDSA key pairs, the CA SHALL:

         Ensure that the key represents a valid point on the NIST
         P-256, NIST P-384 or NIST P-521 elliptic curve.

No other algorithms or key sizes are permitted.


so it seems the Ed25519 and Ed448 algorithms are out for now.
--
Dennis Davis <dennisdavis@???>