Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Duplicate
Priority: P3
Fix Version/s: None
Affects Version/s: None
Component/s: security-libs
Labels:
None

Subcomponent:
java.security

According to NIST Recommendations (2012) [1] [2], algorithms weaker than SHA256 or DSA with 2048 bits of key length are disallowed after 2013. The default options of DSA should be

keysize: 2048
sigalg: SHA256withDSA

[1] http://www.keylength.com/en/4/
[2] http://sim.ivi.co/2012/04/nist-security-strength-time-frames.html

duplicates

JDK-8057810 New defaults for DSA keys in jarsigner and keytool

Resolved

relates to

JDK-7193096 keytool issue: not able to specify the provider for key generation

Closed

JDK-8015328 Generate 2048 bit RSA and DSA keys by default

Closed

Assignee:: Weijun Wang

Reporter:: Weijun Wang

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2013-05-22 19:20

Updated:: 2017-05-18 18:51

Resolved:: 2014-12-02 12:59