Am 29.09.22 um 12:19 schrieb Evgeniy Berdnikov via Exim-users:
>
>> corps and gov entities, which states, that 2048 bit RSA keys, for any
>> purpose,*should* not be used anymore in 2022.
> https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile&v=10
>
> Comment to table 3.1:
>
> | For a period of use beyond 2022, it is recommended to use RSA/DLIES
> | keys of 3000 bits length to achieve a consistent level of security in
> | all recommended asymmetric encryption schemes. The key length of 2000
> | bits will remain compliant with this Technical Guideline for DLIES
> | keys until the end of 2022, and also transitionally for RSA keys until
> | the end of 2023.
>
> So, BSI statement is significantly different from what you wrote.
>
"recommended" is a suggestion to do something, not an enforcement. So
"should" is the correct form.
To shorten this up: 'You "should" use bigger keys, for a usage beyond
2022, but you don't need to.' (to stay compliant with the tr)
My POV here: "why waiting". Encryption doesn't slow down todays cpus
anymore as it has 15 years ago, same for a smartphone soc.
best regards,
Marius
